• You MUST read the Babiato Rules before making your first post otherwise you may get permanent warning points or a permanent Ban.

    Our resources on Babiato Forum are CLEAN and SAFE. So you can use them for development and testing purposes. If your are on Windows and have an antivirus that alerts you about a possible infection: Know it's a false positive because all scripts are double checked by our experts. We advise you to add Babiato to trusted sites/sources or disable your antivirus momentarily while downloading a resource. "Enjoy your presence on Babiato"

Modsecurity & ModSecurity-nginx Debian 11 help needed.

Xerud

Xerud

Active member
Dec 1, 2019
128
32
28
42
Romania
Hi Guys, i have a VPS from Hetzner and recently i installed on it HestiaCP and because past week i got a site infected with javascript ads, on a website, i decided to buy and install Imunify360 license for self-hosted, because the panel is not supported by CloudLinux and the other guys from HestiaCP... All good until i got a bit stuck because the docs from imunify site are only for CentOS or AlmaLinux, and the panel has support for debian or ubuntu systems. I tried to find another tut on the internet on how to install and configure modsecurity and modsecurity-nginx module from external source... a black ball for cloudlinux... I might cloned a bad repo from git, or something configured wrong because after i installed Imunify360 i got some nginx segfault errors related to glibc2.31. I tried alot of methods found on the internet to solve the issues and lately i found that the issue is caused by wrong or defective settings or modules of ModSecurity... but on an older version...
github.com

Issues · owasp-modsecurity/ModSecurity-nginx

ModSecurity v3 Nginx Connector. Contribute to owasp-modsecurity/ModSecurity-nginx development by creating an account on GitHub.
github.com github.com

Anyone can help me fix it ?

I can`t afford to pay too much for the service, but it will not be totally for free.
 
well so what you want exactly for this?
if you only need to get rid of the javascript injection
you should check where it come from
and patch it....

rather than doing something else which is "too advance"
me personally normally i using Aapanel or cyberpanel since i only using Openlitespeed.
on past i also had this shitty viruses... the solution for me is replace old code to new code one by ones.... so no more backdoor etc...

it's seems that my "cheap" hosting in the past insert "little" backdoor on every sites that scanned as "Wordpress" that's why i moving to my own vps + using brand new theme
so i can install any of that by myself... yeah it's will take a long time but the result will be good....

i think if the virus come from internal script... they most likely not solved even if you using things that you mentioned above
 
Xerud said:
Hi Guys, i have a VPS from Hetzner and recently i installed on it HestiaCP and because past week i got a site infected with javascript ads, on a website, i decided to buy and install Imunify360 license for self-hosted, because the panel is not supported by CloudLinux and the other guys from HestiaCP... All good until i got a bit stuck because the docs from imunify site are only for CentOS or AlmaLinux, and the panel has support for debian or ubuntu systems. I tried to find another tut on the internet on how to install and configure modsecurity and modsecurity-nginx module from external source... a black ball for cloudlinux... I might cloned a bad repo from git, or something configured wrong because after i installed Imunify360 i got some nginx segfault errors related to glibc2.31. I tried alot of methods found on the internet to solve the issues and lately i found that the issue is caused by wrong or defective settings or modules of ModSecurity... but on an older version...
github.com

Issues · owasp-modsecurity/ModSecurity-nginx

ModSecurity v3 Nginx Connector. Contribute to owasp-modsecurity/ModSecurity-nginx development by creating an account on GitHub.
github.com github.com

Anyone can help me fix it ?

I can`t afford to pay too much for the service, but it will not be totally for free.
Click to expand...
my biggest piece of advice to you. It would be to install and use imunify + litespeed + cloudlinux with Plesk panel. very easy to install. it is installed with a single command. here is the link .
docs.plesk.com

Installing Plesk for Linux in One Click

One-click installation is a fast and hassle-free way of getting a Plesk server with default configuration up and runn...
docs.plesk.com docs.plesk.com
 
Yes, but plesk license is a bit expensive and cloudlinux it`s also an extra cost per license... if i can find someone that sell it cheaper than the original price, in here maybe i will consider to switch to it...
 
You must log in or register to reply here.

Similar threads

ShareHentai
Wordpress permalinks + Nginx
Replies
9
Views
458
General Tech Discussion
ShareHentai
ShareHentai
hina0909
Which web server is best for ecommerce site Nginx vs Openlitespeed?
Replies
6
Views
956
General Tech Discussion
TriniFella
T
vl4d
nginx direct video links help
Replies
4
Views
881
General Tech Discussion
vl4d
vl4d

Latest posts

Forum statistics

Threads
79,468
Messages
1,143,050
Members
248,636
Latest member
Huzaifa0308

Share this page

Share this page
Top Bottom
Back
AdBlock Detected

We get it, advertisements are annoying!

However in order to keep our huge array of resources free of charge we need to generate income from ads so to use the site you will need to turn off your adblocker.

If you'd like to have an ad free experience you can become a Babiato Lover by donating as little as $5 per month. Click on the Donate menu tab for more info.

I've Disabled AdBlock