ConfigServer Community Forum

Replying to my ignorant self here in the hope it guides someone else in the right direction one day. I have tweaked my custom regex to the following: if (($config{LF_MODSEC}) and ($globlogs{MODSEC_LOG}{$lgfile}) and ($line =~ /^\[\S+ \S+ \S+ \S+ \S+\] \[(\w*)?:error\] (\[pid \d+(:tid \d+)\]) \[(?:cl...

I am running a WHM CloudLinux8 based dedicated server that has both ModSecurity and CSF/LFD (v14.22) installed. Despite being set-up correctly as far as I can see, CSF is neither temporarily nor permanently blocking any repeat offender IPs recorded by ModSec in the server's main error_log I can see ...