DirectAdmin Knowledge Base and Support

DirectAdmin is a web panel for a simple administration of both virtual and dedicated servers. DirectAdmin is faster, safe and more powerful than any other CP. And we know how to customize and support it.

How to enable ModSecurity for OpenLiteSpeed on Directadmin server

| 11:47:35 03.07.2019

As of now you can use OpenLiteSpeed with ModSecurity and ruleset from Comodo on a DirectAdmin server. Here are instructions on how to install and enable it.

Installation

All the installation steps should be done in a server console.

First we change directory and update the custombuild script to make sure it will use actual versions:

cd /usr/local/directadmin/custombuild
./build update

Then we change options

./build set modsecurity yes
./build set modsecurity_ruleset comodo
./build set webserver openlitespeed

And finally we start an installation:

./build openlitespeed
./build modsecurity

As soon as the installation completes we will need to update settings.

Configuration

In order to get the ModSecurity to work we need to set "SecRequestBodyAccess On", here is how can we do it on a DirectAdmin server without a risk to loose customization:

cd /usr/local/directadmin/custombuild/
mkdir -p custom/openlitespeed/conf
cp -p configure/openlitespeed/conf/httpd-modsecurity.conf custom/openlitespeed/conf/

perl -pi -e 's/SecRequestBodyAccess .*/SecRequestBodyAccess On/' custom/openlitespeed/conf/httpd-modsecurity.conf

./build rewrite_confs

Fixing error

A first start might fail with the following error: 'SecDefaultActions can only be placed once per phase and configuration context'. 

Here is a fix:

cd /usr/local/directadmin/custombuild/
perl -pi -e 's/^SecDefaultAction /#SecDefaultAction /' custom/openlitespeed/conf/httpd-modsecurity.conf
./build rewrite_confs

Comodo Plugin

We should disable DirectAdmin Comodo WAF plugin which gets installed with the installation of ModSecurity.

Run the following command as root:

perl -pi -e 's/active=yes/active=no/' /usr/local/directadmin/plugins/comodo_waf/plugin.conf

The plugin does not currently support OpenLiteSpeed, hence it might only confuse administrators.

Testing

A simple way to test the installation and make sure it is working is to open any site from a server with newly installed OpenLiteSpeed+ModSecurity by a modified URL with ?r=/etc/passwd query string, for example:

  • http://www.example.net/?r=/etc/passwd

Replace www.example.net with your real domain name. If the setup is correct you will get a 403 error:

DirectAdmin: OpenLiteSpeed and ModSecurity

That's it.

About Us
We are a team of professionals, and specialize in installation, configuring and managing of remote virtual and dedicated servers powered by Linux/Unix-like OS with DirectAdmin. We support various sets of software, including web-servers Apache, Nginx; internet domain name servers Bind, PowerDNS; mail-servers with POP3, IMAP and SMTP, FTP-servers, etc. After years of working through the most complex server challenges our team has gathered valuable experience and universal solutions suitable for everyday tasks. We are here to lend you a helping hand and take care of your servers in order to let you have enough time to do more of what you love.




All of the information and data on this site is for informational purposes only and is provided for the convenience of the user.
Powered by: Amiro.CMS - Free edition