Jump to content

 

ramesh

Member Since 13 Feb 2011
Offline Last Active Jun 05 2017 06:51 AM
-----

Posts I've Made

In Topic: Is It Safe To Have Mod_Security Disabled

05 June 2017 - 06:49 AM

My apologies for bumping this old thread - I would appreciate help and views on a related problem.

 

We are using cs-cart V 2.1.3 on PHP 5.3.29. We were on wiredtree till now, with mod_security enabled. Recently wiredtree sold to liquidweb, and so we moved to liquidweb, retaining the PHP version. New server was CENTOS 6 with Easy Apache 3 and Litespeed.

 

After the move, In general, the site loads fast, and we could not uncover any issues in our own testing. However, we realized that at times we would get 500 server error, and our IP would be blocked.

We became concerned that genuine customers should not be facing this issue (server 500 error, and IP block), leading to loss of sale.

I have got the modsec2.user.conf , exclude.csf, whitelist.csf and modsec_audit.log files from the NEW server.

Is it possible to get these analyzed to see if there are some rules which should be whitelisted? I did contact cs-cart support, and they kindly gave a advisory file with recommendations, but I am more concerned with auditing and analysing the rules already in place, in case any of them are creating conflicts.

 

I saw MAXAM's post above, but could not locate these rules anywhere in the modsec2.user.conf file

 

950006
959007
950904
950906
960032


Warm Regards
Amit