Could I use modsecurity on litespeed(enterprise) and openlitespeed?

#1
I would like to use litespeed(commercial) or openlitespeed with the WAF(modsecurity).
However, in my environment, it seems that litespeed does not load modsecurity rules correctly.

I did 2 putterns. omegle xender

>1
openlitespeed with libmodsecurity
(I confirmed modsecurity itself was loaded from admin WEBGUI(port:7080))

>2
litespeed(commercial) with modsecurity2 in apache config
(I confirmed apache configtest is ok and litespeed recognized the apache config from the webgui)

Would it be possible to tell me how to load modsecurity rules correctly?
I use the latest atomic's rules for apache.

(If it's necessary to attach files, please specify the configuration or logs. I will do it.)
 
Last edited:

Pong

Administrator
Staff member
#3
For LSWS, in control panel envirment, normally you just enable mod_security rule set the same way as Apache through apache configuration. LSWS will read apache configuration and act the same. Bascially you just use whm to do so(which will write configuration to apache configuration, LSWS will act the same).

If you enable mod_security without any issue, just one rule doesn't work as expected, please show us the detail of the rule, test URL, apache log triggering the rule and LSWS log triggering(or did not trigger) the rule. we can check further.
 
Top