CODEWITHSUNDEEP
apachepleskmod-security
LaDude
LaDude

Reputation: 1403

Apache mod_security and chat server

My website is hosted on a virtual server that runs Apache and Plesk. I would like to integrate a chat from livezilla.de on my website. The chat server runs on my server as well.

To secure my system, I have activated plesk_modsecurity. However, that particular module bans the IP address of each user of the chat because the chat pings the server quite frequently.

Is it possible to (a) allow requests from the chat to the chat server and vice versa with no restriction while (b) any other requests are still handled by the module with the appropriate restrictions?

Or would you recommend another solution?

The following list shows some of the errors raised by the modsecurity rules.

Message: Rule 7f7e7ac18c30 [id "340159"][file "/etc/apache2/modsecurity.d/rules/tortix/modsec/50_plesk_basic_asl_rules.conf"][line "114"] - Execution error - PCRE limits exceeded (-8): (null).
Message: Rule 7f7e7abb2c60 [id "340157"][file "/etc/apache2/modsecurity.d/rules/tortix/modsec/50_plesk_basic_asl_rules.conf"][line "135"] - Execution error - PCRE limits exceeded (-8): (null).
Apache-Error: [file "apache2_util.c"] [line 273] [level 3] [client XX.XXX.XX.XXX] ModSecurity: Rule 7f7e7ac18c30 [id "340159"][file "/etc/apache2/modsecurity.d/rules/tortix/modsec/50_plesk_basic_asl_rules.conf"][line "114"] - Execution error - PCRE limits exceeded (-8): (null). [hostname "mydomain.tld"] [uri "/livezilla/server.php"] [unique_id "WzIClVXWzdsAABSrkdgAAAAE"]
Apache-Error: [file "apache2_util.c"] [line 273] [level 3] [client XX.XXX.XX.XXX] ModSecurity: Rule 7f7e7abb2c60 [id "340157"][file "/etc/apache2/modsecurity.d/rules/tortix/modsec/50_plesk_basic_asl_rules.conf"][line "135"] - Execution error - PCRE limits exceeded (-8): (null). [hostname "mydomain.tld"] [uri "/livezilla/server.php"] [unique_id "WzIClVXWzdsAABSrkdgAAAAE"]
Apache-Handler: proxy:unix:///var/www/vhosts/system/mydomain.tld/php-fpm.sock|fcgi://127.0.0.1:9000
Stopwatch: 1530004117657831 96698593 (- - -)
Stopwatch2: 1530004117657831 96698593; combined=96528507, p1=2, p2=96528499, p3=2, p4=1, p5=3, sr=0, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.2 (http://www.modsecurity.org/); 201806211447.
Server: Apache
Engine-Mode: "ENABLED"

Upvotes: 0

Views: 373

Answers (1)

Elvis Plesky
Elvis Plesky

Reputation: 3300

Try LocationMatch directive for ModSecurity. Browse to Tools & Settings > Web Application Firewall (ModSecurity) > Settings > Custom and add the following directives:

<LocationMatch "/livezilla/">
SecRuleEngine Off
</LocationMatch>

It will disable ModSecurity for URIs like /livezilla/server.php

Upvotes: 1

Related Questions