Search results

Wow, just checking in. I'm excited to load up LiteSpeed on a new cluster I'm having implemented for my site worldtruth.org. Right now I'm running the 15 day enterprise trial until the setup is ready in a couple days, then I'm purchasing the whole shabang. I know people keep saying to run nginx +...

You are entirely incorrect, as many people (in fact ALL I know) switch to LSWS to ensure the stability of their forums which are high in SQL queries and usage. For this reason, the ability to effectively quantify the settings which are most compatible for the hardware, software, and hosting...

can you all comment on how mine looks? the first post?

I was told to setup the dynamic req/sec to (one for every 256mb of ram)? What would you suggest?

CSF Settings: - 125 every 15 seconds (make perm or make temp 3600 seconds) - turn off syn flood protection in csf as LSWS settings above work better

Look for the include /usr/local/apache/mod_sec_user.conf in the httpd.conf file. If that is not in there, then you will need to determine where your user.conf file is, and add that lincludes line. For example: mine is located in multiple locations because I have multiple mod_security...

I need to know if these settings are appropriate for a high sql usage environment running multiple forums. Please let me know if there are any areas you would recommend changing or tweaking. My load averages are typically 1-4%, however some sites are spiking 40% cpu usage. It would help to...

in your /usr/local/apache/mod_sec user.conf or mod_sec_user2.conf one of those files in there you will see the same rule sets that are causing those errors. Remove those two and everything will work fine. The additional mod_security rules you implemented in the modsecurity and modsecurity.d...

Take a look at MIS Twang's response here: http://www.litespeedtech.com/support/forum/report.php?p=15145

If you look at the mod_security log, it should tell you what is being blocked. Perhaps you can paste the security alert here. Otherwise you'll need to do what I did, and that's searching through each mod_sec document in "modsecurity" and "modsecurity.d" and search for the text, kinda like when...

Sasha a few other things you should do are these: In your /usr/local/lib/php.ini put these where it says disable_functions: disable_functions = "fpassthru, crack_check, crack_closedict, crack_getlastmessage, crack_opendict, psockopen, php_ini_scanned_files, hell-exec, system, dl, ctrl_dir...

I don't give anyone CGI access unless they request it for special reasons. Note: A common misbelief is that VPS already have CGI safe-moded, but in reality it depends upon the actual setup they have. Most can be circumvented and end up rooting the entire box, hence wiping out your VPS and the...

Another good tool to install and configure is MailScanner. You can protect yourself from the HTML:Iframe injections, and it works perfectly with ClamAV. Just configure everything, start it, and it scans incoming and outgoing mail for spam to protect your server from rogue spam scripts, as well...

I get some of the same errors, and I asked about them in an email to LS Support, and they responded that they don't mean anything, because if you wait a few minutes and refresh the page the errors are all gone. They are mod_security alerts, so technically you could go through the mod_security...

Sasha, good mod_security rules will help with a large percentage of what you are getting hit with, and reduce the load on your server quite a bit. Due to the size of the forums you're running you'd be better with: Static req/sec: 15 Dynamic req/sec: 5

SecRule REQUEST_BODY|ARGS "< ?font style ?= ?(position ?\: ?absolute|overflow ?\: ?(?:hidden|auto)).*(?:height|width) ?(?:=|\:) ?[0-9] ?(px|\;)" \ "t:replaceNulls,t:htmlEntityDecode,t:urlDecodeUni,t:compressWhiteSpace,t:lowercase,id:300056,rev:1,severity:2,msg:'Spam: Hidden Text Exploit'"

To learn more about mod_security rules, including the HTML:IFRAME DOS INJECTION filtering and automatic removal go here: http://www.litespeedtech.com/support/forum/showthread.php?p=15707#post15707

I haven't seen this thread accurately described on this site yet, so I'm going to do my best to explain exactly what I did to get this to work effectively on my server with the variety of regular sites, forum sites (vB, IPB, PHPbb, etc.), including ClamAV, while using cPanel WHM. Hopefully this...

I am creating a new thread with the exact steps to apply the default mod_security and ASL mod_security rules effectively to probably 90% of the servers that exist, and I will then post that redirected link here in about 15 minutes.

Please see this link for the rule definition(s). You can either include the rule manually by editing the lines in your default rules, or add the files to an existing custom rules directory. http://www.gotroot.com/tiki-read_article.php?articleId=278