ispconfig.vhost and modsecurity

Discussion in 'Installation/Configuration' started by pititis, Mar 11, 2011.

  1. pititis

    pititis Member


    Sometimes I use modsecurity rules in my virtual domains. It's a very powerful mod. I would like to add a geoip rule to my ispconfig.vhost but I found the next directive:

    <IfModule mod_security2.c>
       SecRuleEngine Off
    Oops! Why ispconfig set to off the RuleEngine?:confused:

  2. till

    till Super Moderator Staff Member ISPConfig Developer

    Mod_security is disabled as some mod_security rules block ispconfig functions. ISPConfig is s server control panel, so it has to work with paths in system directories like /etc, but mod_security falsely detects this as attack and blocks ispconfig.

Share This Page