Voters 24
-
-
-
-
-
M
-
-
R
- + 18 voters
-
M
-
B
-
-
A
-
W
-
Z
-
M
-
R
-
A
-
-
-
A
-
-
D
-
J
-
L
-
D
24
ModSecurity User Level Restriction
- Live
|
|
Khurram Shahzad |
Hi,
Add Modsecurity Icon in User Level, able to enable & Disable this feature for single user or domain
Activity Newest / Oldest
Jason McOrmick
Bugreport: the enable/disable ModSecurity on a per-domain basis doesn't seem to work at all.
On my DA 1.649 / OLS 1.7.16 server, whatever SecRuleEngine set in any of the separate /usr/local/directadmin/data/users/USER/domains/DOMAIN.COM.modsecurity_rules files, it will be ignored. Only the default server-wide value from the /usr/local/lsws/conf/httpd-modsecurity.conf file is used.
Also, IF it would work: the modsec interface has only the On/Off settings for SecRuleEngine: it's missing "DetectionOnly" which can be helpful for tracking down rule issues without affecting user experience.
smtalk
It's available in pre-release now. For logs to be shown, re-compilation of ModSecurity is needed:
cd /usr/local/directadmin/custombuild
./build update
./build modsecurity
Richard Lincourt
nice things :-) directadmin become really more nice again !! im happy to see what you do smtalk !
Richard Lincourt
is it working with litespeed ?
smtalk
Yes, but it requires version 6.0 of LiteSpeed.
smtalk
Status changed to: Live
smtalk
Status changed to: In progress
smtalk
Status changed to: Planned
apogee
and thus with the possibility to ex/include single rules and a mod_sec viewer (like for example ConfigServers ModSecurity Control - cmc)
Owais
Yes exactly need this feature at user level like cpanel.