Discover Centmin Mod today
Register Now

Beta Branch update prep for ModSecurity v3.0

Discussion in 'Centmin Mod Github Commits' started by eva2000, Aug 5, 2017.

  1. eva2000

    eva2000 Administrator Staff Member

    46,583
    10,580
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +16,420
    Local Time:
    7:54 AM
    Nginx 1.19.x
    MariaDB 5.5/10.x
    unless you know how to configure modsecurity and it's gotchas, I'd avoid it. if using Cloudflare Pro and higher paid plans, you already have CF WAF available anyway.
     
  2. Rake-GH

    Rake-GH Active Member

    161
    84
    28
    Jul 29, 2019
    USA
    Ratings:
    +126
    Local Time:
    5:54 PM
    default
    default
    I don't use the paid cloudflare. But I did get modsecurity installed, got it setup and got it to trigger with your test rule. Pretty neat. I'm just gonna play with it in DetectionOnly mode for a couple days.

    I also found they have an exclusion profile for Xenforo too: crs_exclusions_xenforo
     
  3. eva2000

    eva2000 Administrator Staff Member

    46,583
    10,580
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +16,420
    Local Time:
    7:54 AM
    Nginx 1.19.x
    MariaDB 5.5/10.x
    oh didn't know that :cool: