Starburst

Just saw your post, sorry, guess I need to come on here more also. Am usually hanging out in the CWP Forums. That seems to still be a bug in CWP with it installs ModSecurity. But it is simple to fix. nano /usr/local/apache/conf.d/mod_security.confAt the end of line 2 – Add – liblua-5.4.so Save & Exit systemctl restart httpd

@Sandeep B. Since CWP is now 2 versions behind the current versions, was wondering if you could post how to manually update PHP and PHP-FPM? Along with the options for ionCube, LDAP, and mailparse. Thanks

I would recommend installing CWP using AlmaLinux 9.6 (Current version of this post)

Works on AlmaLinux 9 & 10.

As mentioned by others, AlmaLinux 8.x is recommended, but that OS is in it' extended security phase. Which means 8.10 is the last version. All new servers we put online are AlmaLinux 9.x, which a couple days ago had some large updates. EL9 has some bugs like you can't go below PHP 7.4.x, so if you need some old PHP version, then EL8 would be the only choice. It also has some quirks like CWP->CWP Migration doesn't work. Otherwise, it is pretty stable already.

And all of the hacker's they have and allow on their network...

Just a FYI, JetBack seems to work with CWP unofficially. When you access the control panel for it, it shows all the CWP user accounts. Only draw back I see, if they would have to use a different control panel, UN & PW to access it.

Check your main config file for the OWASP rules. Sounds like a path wasn't set correctly.

Tried it, still isn't fully working. The servers use ModSecurity2.9.8 with the OWASP CRS ruleset on Apache 2.4.63 Thanks

@Navid Tried your modification, but LFD gave an error:

We run AlmaLinux 9.x Try to run these: dnf install php-cli libsodium libsodium-devel php-sodium php-pecl-zip php-pecl-mailparse php-mbstring php-pear php-devel php-pecl-imagickpecl channel-update pecl.php.netYou may need to recompile afterwards.

I got ModSecurity 2.9.8 working on CWP with Apache and the OWASP latest Ruleset (4.11.0) https://kb.starburstservices.com/control-web-panel-cwp/control-web-panel-cwp-admin-tutorials/update-modsecurity-running-cwp-and-apache-on-almalinux-8-9/ ModSecurity 3.x isn't recommended yet @Sandeep I'll send you a DM

Currently I’m using: ./configure --with-apxs=/usr/local/apache/bin/apxsShould I be building it another way for CWP?

Yes, you can. You will create the main account: User Accounts → New Account. For the additional domain, you will create that under the menu: Domains → Add Domain. That will ask you for the user, which you created above under User Account. Then you can either point to the root of the same directory, or a sub-folder. Or you can user Cloudflare to redirect the domain to another.

So it seems by default CWP send out 3 paragraphs with attacks, and the above code, cut it down to 1 paragraph. Which in turn sites like AbuseIPDB can accept automatically.