@sandeep I have just written the necessary data through your profile chat.
Hi @sandeep, I've got something else today, the server is running and working like a charm, but when I install ModSecurity and enable OWASP or COMODO rules, if I try to work in the site everything stops working properly... First 403, then Uploading files..., then database migration..., then wordpress...
What I did was to to white list some of the rules I was finding in ModSecurity log by its ID, for example:
SecRuleRemoveById 980130 SecRuleRemoveById 949110 SecRuleRemoveById 941100 SecRuleRemoveById 911100 SecRuleRemoveById 920350 SecRuleRemoveById 913100 SecRuleRemoveById 920280
I haven't even started to work full on the site, I'll I have been doing is setting it up and all these trouble......!!
My real question is how can I better handle ModSecurity, so all my sites don't get all these false positive?? is there a known false positive list, just to add and let it be?? Can I just white list IP's, my IP and the servers IP maybe??.
Thanks in advance.
PS (IT'S UNINSTALLED FOR NOW..!!)
We work with the rules of comodo and what we do is teach customers to disable rules that affect them. So far we have no problems and they are managing themselves
Module IPv6: https://github.com/coriaweb/cwpipv6
I am attaching what we have programmed so far, in case it can be useful to the CWP team to speed up the implementation.
We have had it down for a while, because our provider dropped the IPv6 connection, so we will restart this system.
I put it if you want to review it and it can be useful for someone or even to receive improvements from you.
I'm having problems, every few days in the morning I find the mail server down: Dovecot IMAP / POP3 Server.
Checking the log I see this:
****. network systemd : dovecot.service: main process exited, code = exited, status = 81 / n / a
****. network systemd : The dovecot.service unit entered a failed state.
****. network systemd : dovecot.service failed.
Warning: the journal has been rotated since the drive was started. The log output is incomplete or unavailable.
Do you know why this may be happening?
I do for more important things and it's very helpful.
@sandeep No, since it is passed from all emails on the server.
That is to say, if I write an email to you from the server, the server itself sends me back that message informing that it has been successfully delivered. It is something very strange
I'm waiting to see if anyone else on the server is having this happen or if the change worked, so I'll let you know later in the day.
I have done these steps, tomorrow I will let you know if it worked.
When rebuilding the mail server, I see that it now returns this message when sending mails, do you know how to stop it?
This is the mail system at host *****.
Your message was successfully delivered to the destination(s)
listed below. If the message was delivered to mailbox you will
receive no further notifications. Otherwise you may still receive
notifications of mail delivery errors from other systems.