Search found 55 matches
- Tue Oct 13, 2015 1:40 pm
- Forum: Atomic Protector (formerly ASL)
- Topic: New Wordpress XML-RPC Attack
- Replies: 9
- Views: 10215
Re: New Wordpress XML-RPC Attack
i have to respectfully disagree, a local socket to a local process is always going to be faster than a remote network query.
- Thu Aug 06, 2015 11:55 am
- Forum: Atomicorp Modsecurity Rules Support
- Topic: RealTime rules on IIS8 and 'IPmatch: bad IPv6 specification'
- Replies: 8
- Views: 19122
Re: RealTime rules on IIS8 and 'IPmatch: bad IPv6 specificat
microsofts modsec look up ip4 as ip6? you should definitely report that to micrtosoft then.
- Sun Aug 02, 2015 1:17 pm
- Forum: Atomicorp Modsecurity Rules Support
- Topic: license via plesk billing
- Replies: 4
- Views: 15851
Re: license via plesk billing
no you do not need to run the asl installer. the security core complete is just the modsecurity rules, it does not include the full atomic secured linux package, just the rules. the rule are installed by plesk.
- Thu Jun 04, 2015 2:52 pm
- Forum: Atomic Protector (formerly ASL)
- Topic: Access denied with code 400. Too many threads
- Replies: 2
- Views: 5841
Re: Access denied with code 400. Too many threads
i think something is wrong with your system. that means you have 16K connections to apache. i dont even know how is that even possible unless someone is attacking you or your system is misconfigured. is 16K connections even something apache handle? my advice would be to see what all those connection...
- Thu Jun 04, 2015 2:48 pm
- Forum: Atomic Protector (formerly ASL)
- Topic: Clamd, Exim & cPanel
- Replies: 6
- Views: 8492
Re: Clamd, Exim & cPanel
For example, having ASL kernel was killing Easyapache script and made us to stop using it. It is impossible to update / reconfigure Apache without rebooting vanilla kernel, then running Easyapache and then restarting again to activate the ASL kernel. This makes it 2 reboots to just recompile Apache...
- Fri May 08, 2015 11:03 am
- Forum: Atomicorp Modsecurity Rules Support
- Topic: Odd Behaviour with 98_asl_adv_redactor.conf
- Replies: 4
- Views: 15645
Re: Odd Behaviour with 98_asl_adv_redactor.conf
your using modsecurity 2.8.0. thats your problem upgrade to 2.9.0
- Tue Mar 31, 2015 12:10 pm
- Forum: Atomic Protector (formerly ASL)
- Topic: Tortix never stops hammering my database
- Replies: 4
- Views: 6669
Re: Tortix never stops hammering my database
for what its worth a load of 1 is nothing. even if you just had a single core cpu that means the system is at normal capacity and everything is fine. its not overloaded. on multi-cpu server load is relative to number of cpu cores available. 1.0 on a single-cpu system, 2.0, on a dual-cpu or dual-core...
- Tue Mar 31, 2015 10:08 am
- Forum: Atomic Protector (formerly ASL)
- Topic: WAF / TWAF issues with PHP-FPM (NGINX)
- Replies: 7
- Views: 7967
Re: WAF / TWAF issues with PHP-FPM (NGINX)
did you congifure the twaf to sit in front of nginx?
- Wed Mar 18, 2015 11:43 am
- Forum: Atomic Protector (formerly ASL)
- Topic: Denied untrusted exec ... (litespeed nightmare)
- Replies: 2
- Views: 5262
- Fri Feb 06, 2015 1:27 pm
- Forum: Atomic Protector (formerly ASL)
- Topic: Server unreachable after installation of ASL kernel
- Replies: 2
- Views: 4756
Re: Server unreachable after installation of ASL kernel
that means your system is configured to start nginx, and its not starting, and asl is trying to start it for you. check your nginx logs[psmon]Failed to spawn 'nginx' with '/sbin/service nginx restart'
- Wed Jan 28, 2015 7:57 pm
- Forum: Atomicorp Modsecurity Rules Support
- Topic: Looking for cms-related rules
- Replies: 4
- Views: 16127
Re: Looking for cms-related rules
the nginx modsecurity software is unreliable, so its probably not going to work like you expect
- Mon Jan 19, 2015 3:04 pm
- Forum: Atomic Protector (formerly ASL)
- Topic: SSD is being killed by ASL
- Replies: 14
- Views: 13718
Re: SSD is being killed by ASL
did you read those articles? they explain what to do
- Fri Jan 16, 2015 12:53 pm
- Forum: Atomic Protector (formerly ASL)
- Topic: IP whitelist increases the server load
- Replies: 33
- Views: 34291
Re: IP whitelist increases the server load
why do they use such an old kernel? looking onkernel.org its no longer supported or maintained.CloudLinux (Kernel: 2.6.32-531.29.2.lve1.3.11.1.el6.x86_64)
- Thu Jan 15, 2015 6:46 pm
- Forum: Atomic Protector (formerly ASL)
- Topic: IP whitelist increases the server load
- Replies: 33
- Views: 34291
Re: IP whitelist increases the server load
No they arent, im running the 3.2.62-74 ASL kernel with Centos and Cpanel. Cpanel doesnt include a kernel or care what kernel you use.1. cPanel/CentOS 6.x are all running 2.6.32.x kernels.
For what its worth, im not seeing any issues with the newer kernels.
- Mon Jan 12, 2015 2:24 pm
- Forum: Atomic Protector (formerly ASL)
- Topic: IP whitelist increases the server load
- Replies: 33
- Views: 34291
Re: IP whitelist increases the server load
iptables -I INPUT -s 1.2.3.4 -j DROP which is a lightweight operation. If you run asl -wl youll see its adding the whitelist entry to the waf (and restarting apache), ossec (and reloading its config so its whitelist is updated) and also adding a rule to the firewall. so its doing more than just add...