fbpx

Log files on CyberPanel

CyberPanel Main Log File   CyberPanel’s main log file contains errors related to CyberPanel operations. If something goes wrong directly in CyberPanel this file should be checked   https://<IP Address>:8090/serverstatus/cyberCPMainLogFile On the server, this file is located at   /home/cyberpanel/error-logs.txt   Improved and detailed dynamic logging   /usr/local/CyberCP/debug   Run command touch /usr/local/CyberCP/debug, this will […]

4 – Mod Security Rules Packages

Starting version 1.6.2 stable you can now enable OWASP and Comodo Mod Security rules via one click. Navigate to → https://<IP Address>:8090/firewall/modSecRulesPacks   Click the switch and it will turn on OWASP Rules, to verify if OWASP rules are installed successfully, open:   http://example.com/?a=b AND 1=1 You should get 403 Forbidden error, you can also […]

3 – Mod Security Rules

Later we will be having auto installation of Comodo and Owasp rules. Add Rules To add individual rules, you can navigate to: https://<IP Address>:8090/firewall/modSecRules By default there is one rule defined:   SecRule ARGS “\.\./” “t:normalisePathWin,id:99999,severity:4,msg:’Drive Access’ ,log,auditlog,deny” To test the functionality of this rule add folloing to end of your URL ‘?abc=../../ you should get 403 Forbidden, which […]

2 – Mod Security Configurations

Once you open: https://<IP Address>:8090/firewall/modSecurity You will see something like:     There are seven options, lets discuss them. ModSecurity Status This is the only option controlled by OpenLiteSpeed web server, once you turn this off nothing related to ModSecurity will work, this should be turned On for ModSecurity to function. SecAuditEngine ModSecurity can generate […]

1 – Installation

By default, ModSecurity is not installed, but once you first try to configure ModSecurity CyberPanel prompt for ModSecurity installation.   Open → https://<IP Address>:8090/firewall/modSecurity     Clicking ‘Install Now’ will start the installation, if installation is successful it will refresh your page and let you configure ModSecurity settings, which looks something like: