cd /usr/local/directadmin/custombuild
./build rewrite_confs
This does not confirm (nor deny) that the problem is gone
SecRuleRemoveById 212320
I would try to put SecRuleRemoveById 212320 in comodo_rules.conf and try if it is working.inside the file comodo_rules.conf there is nothing, it is blank.
What’s inside /usr/local/directadmin/data/users/username/bessa-consulultores.online.modsecurity_rules file?
SecRuleEngine On
SecRuleRemoveById 212320
SecRuleRemoveById 212340
SecRuleRemoveById 212890
SecRule REMOTE_ADDR "@ipMatch xxx.xxx.xxx.xxx" \
"id:1000, phase:1, pass, nolog, ctl:ruleEngine=Off"
new ids appeared, added and solved.Yes removing 1 id leads to another id. Result hours of removing id's.
Do you alone need to remove these id's? Or are they needed for customer/guests for a working site?
I was sick and tired of hunting id's that keep popping up. So I choose another approach. I whitelisted my ip in modsecurity and now I don't need to remove id's.
Code:SecRule REMOTE_ADDR "@ipMatch xxx.xxx.xxx.xxx" \ "id:1000, phase:1, pass, nolog, ctl:ruleEngine=Off"
I think you simply don't have these custom rules in custom/modsecurity/conf/ folder, thus update cleaned the old files up.I would try to put SecRuleRemoveById 212320 in comodo_rules.conf and try if it is working.
As I understand it, in the next release of DA (you're on a pre release now) it will be possible to set rules on a per domain basis.
I hope the old functionality will still remain, because I apply all rules server wide.
@smtalk, please take a look at post 26, https://forum.directadmin.com/threads/mod_security-enable-and-disable-in-panel.62006/post-319310 concerning removing rules with DA/CB updates.