We are in the process of adding IPv6 connectivity to all of our domains. This has been enabled on www.waytotheweb.com, www.configserver.com and download.configserver.com so far.
Due to the way implementation of IPv6 often works over protocols and applications, connections and requests will usually prefer IPv6 over IPv4 connections and DNS resolution.
If you see IPv6 connectivity issues, ensure that you have enabled outgoing connections to port 80 and 443 in TCP6_OUT in your csf.conf.
If you still see problems, you will have to investigate your IPv6 server configuration to resolve the issue, or disable IPv6 on the server if it does not work.
We have created a ModSecurity Vendor that you can now use to import the cxs ModSecurity rules. To use this new feature you need to:
1. Remove the cxs ModSecurity rule block from /usr/local/apache/conf/modsec2.user.conf
2. Use the inbuilt cPanel ModSecurity Vendor Rules mechanism by either:
a) WHM > ModSecurity Vendors > Add Vendor > Vendor Configuration URL:
Save and then restart httpd
b) Issue the following commands:
/scripts/modsec_vendor add https://download.configserver.com/waf/meta_configserver.yaml
/scripts/modsec_vendor enable configserver
Then restart httpd
You can have the ConfigServer Vendor enabled along with any other Vendor that you may already be using.
If you are using ModSecurity v2.9 with Apache you will need to add an extra ModSecurity directive to the cxs upload scanning rule for it to function as ModSecurity have changed the way that the @inspectFile function works:
On a cPanel server this means that you need to edit:
and add the line above after the cxs ModSecurity rule and then restart httpd.