ModSecurity isn’t enabled

Looks like it hasn’t been, since I switched to OpenLiteSpeed. Do I have to compile the ModSecurity module, or does whatever DirectAdmin install have it?

It has it, run “ls /usr/local/lsws/modules”, and if you are lucky, you will see it.

The instructions on the OpenLiteSpeed Wiki, don’t work, and neither does adding “include /usr/local/lsws/conf/httpd-modsecurity-enable.conf” to the httpd_config.conf file or “httpd-includes.conf”. The log files don’t exist.

Good luck, looks like OpenLiteSpeed doesn’t support ModSecurity, at least not with DirectAdmin.

It’s not even attempting to enable it. “systemctl status litespeed” says nothing, maybe if I enter bogus stuff in the “httpd-modsecurity.conf” file it’ll fail to start. Nothing, it’s ignoring the file.

Can’t open /usr/local/lsws/conf/extra/httpd-modsecurity.conf: No such file or directory.

How do I get that file? The extra folder doesn’t exist.

There’s “/usr/local/directadmin/custombuild/configure/openlitespeed/conf/httpd-modsecurity.conf”, and that’s the same as “/usr/local/lsws/conf/httpd-modsecurity.conf”.

So I guess just make the extra folder, and copy or ls to the other file.

No errors with “/usr/local/directadmin/custombuild/build modsecurity”, but still no ModSecurity.

Selected WEB platform LiteSpeed is not supported

There you go, OpenLiteSpeed isn’t supported.

rm -rf /usr/local/cwaf
rm -rf /etc/cwaf

That’s how you get it to attempt at installing it.

Disabled ModSecurity, since it doesn’t support LiteSpeed.