OpenLiteSpeed WordPress on GCP and ModSecurity

#1
Hello everyone,

I need advice about OpenLiteSpeed WordPress on GCP f1-micro instance.

1) Enabling ModSecurity will increase server security or not?

2) If it will increase security, is it worth to install vs resources limitations (f1-micro instance)?
 

lsqtwrk

Administrator
#3
Hi,

1. yes , it will increase the security

2. that depends , as you know , security costs performance, speed and resources , so you need to find the balance in between.

Best regards,
 
#4
Thanks for reply. Here I have just some additional question. In GCP instance it is not enabled by default. I followed instructions to install OS (Ubuntu) package, but module is not appear. What I missed?
 

lsqtwrk

Administrator
#7
Hi,

Yes, as you see in document like my screenshot , after installation , you will need to set up in webadmin console , or add the conf into httpd_config.conf

ScreenShot2020-03-30 21.37.48.png


then you will need to download the ruleset, like comodo , and change "/rule/file/path" to the actual path.
 
Last edited:
#8
Hi,

Thanks to make me clear. So, issue was in English terminology. For me, used terminology (set up) mean how module is already in console visible and you just should to 'set up' further module. If used term is 'add' (insert, aggregate, ...), it mean that I should to 'click' on top right 'plus (+) sign' and 'add' module to console with appropriate code. So, when I wrote that it not appear, that is what I mean. So, thanks to you, now is clear what to do further.

Thanks again.

P.S. - So, sentence should to look as follow:

"You can add (aggregate, insert) and set up ModSecurity module through OLS webadmin console if you like." or (more clear and precise)

"If you like, you can append Modules Tab in OLS webadmin console with ModSecurity module rules as follow:" (display rules)

Pay attention that further for CLI it is written as "append the following content to". Append document is the same meaning as "add" in console (certainly is not "set up").
 
Top