Hello,
I allow myself to trace what appears to be a bug.
I installed directadmin + openlitespeed + modsecurity + comodo
I tested the following url: http://domainname.com/?r=/etc/passwd
I have a 403 error that appears on the screen, however this error does not appear in the error log file (/var/log/httpd/domains/domainname.com.error.log)
On the same server I changed to the apache web server and the modsecurity errors appear in the log file of the domain name, so I went back to the openlitespeeed web server and the modsecurity errors no longer appear in the file domain name logs.
When openlitespeed is active, the errors do appear on the other hand in the log file modsec_audit.log which is located in /var/log/httpd
The concern is that the csf / lfd firewall does not block the IP addresses in error because the errors do not appear ...
Is this a bug?
Is there a configuration to be done in openlitespeed so that errors appear in the logs file for each domain name?
Please help me with this.
Thank you.
I allow myself to trace what appears to be a bug.
I installed directadmin + openlitespeed + modsecurity + comodo
I tested the following url: http://domainname.com/?r=/etc/passwd
I have a 403 error that appears on the screen, however this error does not appear in the error log file (/var/log/httpd/domains/domainname.com.error.log)
On the same server I changed to the apache web server and the modsecurity errors appear in the log file of the domain name, so I went back to the openlitespeeed web server and the modsecurity errors no longer appear in the file domain name logs.
When openlitespeed is active, the errors do appear on the other hand in the log file modsec_audit.log which is located in /var/log/httpd
The concern is that the csf / lfd firewall does not block the IP addresses in error because the errors do not appear ...
Is this a bug?
Is there a configuration to be done in openlitespeed so that errors appear in the logs file for each domain name?
Please help me with this.
Thank you.
