Search results

seeing this now too on my servers. but its harmless, correct?

broken on my setup too: would it be an option to just remove that line? IdentLookups off i mean, its allready set to off in my config.... or would it break other stuff?

as a workaround i wrote a regex to manually get all banned ip's from the log files and add them to fail2ban modsec jail. for all experiencing the same problem you could run this as a cronjob as a temp solution: #/bin/bash for i in $(grep -EIo "\[client (([0-9]{1,3}\.){3}[0-9]+)\] ModSecurity...

today i saw there were updates and fail2ban was one of them so i removed the current filter and updated. new version is 0.11.1 and a new filter was installed... and the regex was a bit different than it was with previous version. it now is: failregex = ^%(_apache_error_client)s(?: \[client...

got this today for the first time :"channel 'updates.spamassassin.org': SHA512 verification failed, channel failed" but i guess nothing to worry about right?

really nobody?

I would be very happy if someone could post their working 'failregex' line so i can compare. thx!

nobody having this problem?

I noticed by accident when checking jails that de modsec jail has no ip's then i checked my other servers and all modsec jails have nothing banned although the log files are full of modsec bans. so i ran a check so no mtaches at all. then i checked the failregex itself and it looks just...

since the last update it seems custom options arent honored anymore. I had set SecRequestBodyLimit under long time ago: Comodo WAF ... -> Userdata -> Custom Rules: but this is now suddenly disregarded: this custom value is also in: which should override (right?): Version info as...

ok, solved it by comparing with another server that did do the update. difference was the options.conf file in custombuild dir: just set these options and should be good to go.. unless you made some custom changes to /etc/exim.conf so make a copy first and after run a diff

did an update today but i get: not sure where to get the latest conf file and why i dont have it in the first place.

thx, that worked!

this server was already configured before i had to deal with it. i cant find how to properly install it for directadmin compile process. most forums say you need to use pecl but it is deprecated... also php-pear package is removed from centos 7.

if you have rules that generate false positives you can exlude that rule in the same userdata field: SecRuleRemoveById xxxxxx if you have fail2ban configured to read the modsecurity logs to ban repeat offenders make sure to unban the wrongly banned ip numbers. (ip numbers that were falsely...

Hey gang, i'm getting errors with php: i think centos had a minor release update and replaced old imagemagick with a newer version and i have no clue how to fix this. also tried recompiling php but same error. # yum provides libMagickWand.so.5 No matches found # locate libMagickWand...

I have a domain setup like, eg: sub.domain.tld the dns doesnt actually point to this server (it points to old server and once the website has been migrated from the old server the dns will be updated.) So.. creating this gives no error although the dns points to another ip. so far so good...

I was wondering how it is possible that a php script can write in users home dir without allowing apache write access? Webserver runs as apache (with php-fpm) and the home dir is /home/user2 and has permissions: user2:user2 with 750 example: if i have a php script in...

OooOohhh.. thats where they are... i always checked them in /var/log/httpd/domains/domain.com*.log sorry my bad.

Nobody got any idea why "Keep Number of Apache Log Backups 5" only gives my the log of today and not the other 4 previous days?