Hi all,
So, since 1.689 Modsecurity is now non-inherited, only configured per subdomains, or using global configuration.
Am I correct in that there is no way to get the previous behaviour back?
I host for several users, several domains which each have many subdomains.
The current setup doesn't allow me as administrator nor users at their level to easily view all blocked requests, as we now have to go through each and every subdomain manually. At least, I can't find a way to see the combined log in DA now?
Configuring exceptions is the same problem...
Using global configuration is not appropriate here as the rule exceptions vary per services which are each on a domain. So before, the exceptions were set per domain.
Now, it means having to go through the separate config for each and every subdomain to set the same config.
Of course, a bash script can sync the settings but I love the beauty of working in the GUI.
Am I misunderstanding how to use the new setup? Or is the use case of my users (exceptions per domain, with many subdomains per domain) that exceptional?
I'm just posting this here, as I've found usually changes work well (even if change is hard to deal with for the human brain
), but in this case it's really broken the workflow on my server and I wonder what I'm missing.
Thanks!
So, since 1.689 Modsecurity is now non-inherited, only configured per subdomains, or using global configuration.
Am I correct in that there is no way to get the previous behaviour back?
I host for several users, several domains which each have many subdomains.
The current setup doesn't allow me as administrator nor users at their level to easily view all blocked requests, as we now have to go through each and every subdomain manually. At least, I can't find a way to see the combined log in DA now?
Configuring exceptions is the same problem...
Using global configuration is not appropriate here as the rule exceptions vary per services which are each on a domain. So before, the exceptions were set per domain.
Now, it means having to go through the separate config for each and every subdomain to set the same config.
Of course, a bash script can sync the settings but I love the beauty of working in the GUI.
Am I misunderstanding how to use the new setup? Or is the use case of my users (exceptions per domain, with many subdomains per domain) that exceptional?
I'm just posting this here, as I've found usually changes work well (even if change is hard to deal with for the human brain
), but in this case it's really broken the workflow on my server and I wonder what I'm missing.Thanks!