The Webshell protection can cause false positives. It is more recommended on self-hosted servers than on shared servers
In version 1.85 we have added additional options in Settings to control WAF. With new options, you have a neat and simple UI option to whitelist ModSec rules in case you want. Our rules are carefully crafted to avoid false positives and other issues. Also new UI let you to enable additional rules to avoid bad bots and exploiting PHP shell scripts. You can enable/disable the rules based on your preference.
1. WEBSHELL protection:- If you enable this rule set, your server will be protected from the execution of PHP shells like following
Front page may open in web shells, but command execution [ like copy, delete, move, etc ] is blocked.
2. SCANNER protection:- This will help to keep away bad crawlers from your system. This is a major headache for web hosts and causes unnecessary use of system resources. It can block
3. RBL Protection:- This provides the advanced DDoS protection for POST attacks [ brute-force, script exploits ] and blocks common abusive IP addresses collected through our network of servers with cPGuard installed. We recommend to turn this ON as it can help to block many attacks before reaching your application and helps to reduce server load.
As always...please contact our support team if you find any difficulties with the additional rules set or the whitelist option.