Hi
From security and performance point of view, what is the best way to run mod_security in cPanel servers?
- cPanel way: compiling apache with mod_security support?
- Litespeed way: placing mod_security rules in request filter fields?
Ruining in cPanel way I'm getting some weird issues, litespeed is blocking some actions but if I switch to Apache, the same action works fine.
This test is blocked when I'm using apache but no when I'm using litespeed wget http://localhost/foo.php?foo=http://fakeattacker.com
For now I set mod_sec rules in litespeed request filter and I didn't notice any problem but I'm unsure if is doing something at all
BTW I'm using gotroot paid rules
From security and performance point of view, what is the best way to run mod_security in cPanel servers?
- cPanel way: compiling apache with mod_security support?
- Litespeed way: placing mod_security rules in request filter fields?
Ruining in cPanel way I'm getting some weird issues, litespeed is blocking some actions but if I switch to Apache, the same action works fine.
This test is blocked when I'm using apache but no when I'm using litespeed wget http://localhost/foo.php?foo=http://fakeattacker.com
For now I set mod_sec rules in litespeed request filter and I didn't notice any problem but I'm unsure if is doing something at all
BTW I'm using gotroot paid rules