Welcome to Centmin Mod Community
Become a Member

Beta Branch update prep for ModSecurity v3.0

Discussion in 'Centmin Mod Github Commits' started by eva2000, Aug 5, 2017.

  1. eva2000

    eva2000 Administrator Staff Member

    45,662
    10,361
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +16,080
    Local Time:
    7:03 AM
    Nginx 1.19.x
    MariaDB 5.5/10.x
    unless you know how to configure modsecurity and it's gotchas, I'd avoid it. if using Cloudflare Pro and higher paid plans, you already have CF WAF available anyway.
     
  2. Rake-GH

    Rake-GH Active Member

    150
    78
    28
    Jul 29, 2019
    USA
    Ratings:
    +116
    Local Time:
    4:03 PM
    default
    default
    I don't use the paid cloudflare. But I did get modsecurity installed, got it setup and got it to trigger with your test rule. Pretty neat. I'm just gonna play with it in DetectionOnly mode for a couple days.

    I also found they have an exclusion profile for Xenforo too: crs_exclusions_xenforo
     
  3. eva2000

    eva2000 Administrator Staff Member

    45,662
    10,361
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +16,080
    Local Time:
    7:03 AM
    Nginx 1.19.x
    MariaDB 5.5/10.x
    oh didn't know that :cool: