How to Identify Problematic WAF Rule IDs in cPFence?

New! You can now use an automatic tracking tool to identify problematic WAF rules in real time. Instead of manually searching through logs, cPFence offers built-in tools to help you track WAF activity live and receive instant suggestions on fixing 403 errors caused by blocked requests.

Using the WAF Tracking & Troubleshooting Tools

Open the cPFence WebUI on your Main Control Panel server. You can troubleshoot and track WAF issues in two ways:

1. Domain-Level Tracking (Recommended)

To track logs for a specific domain:

  • Go to WAF Management → WAF Tracking and Troubleshooting.
  • Enter the domain name and click Start Tracking WAF.
  • Live logs will stream and show blocked rule IDs with suggested commands to resolve issues.

2. Server-Wide Tracking

To track all WAF activity across all domains on the server:

  • Go to System Dashboard → Real-Time WAF Log Monitoring.
  • Logs will stream in real time, which is useful for general debugging or for watching suspicious activity across multiple sites.

3. CLI Method

If you prefer using the terminal, you can use:

Domain-specific tracking:

cpfence --debug-domain-waf

You will be prompted to enter a domain name. WAF activity will be tracked live for that specific domain.

Server-wide tracking:

cpfence --monitor-waf-logs

This will show all WAF activity on the server, regardless of domain.

Example CLI Output

New WAF Log Entry Detected:
ModSecurity: Access denied with code 403. XSS Attack Detected via libinjection. [id "941100"]
Affected URL: /
Recommended actions:
   Disable rule for domain:
   cpfence --disable-waf-domain-byid example.com 941100

   Or disable it globally (not recommended):
   cpfence --disable-waf-rule 941100
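
As an added example (not cPFence's own code): once tracking output has been saved, a short Python script can tally which rule IDs were denied for which domain and print the per-domain command shown above. It assumes each line carries ModSecurity's standard [hostname "..."] tag; tally_blocks, suggest_commands and the sample lines are constructed for illustration.

```python
import re
from collections import Counter, defaultdict

# Constructed sample lines (not real traffic). The [hostname] and [uri] tags
# are an assumption: they follow ModSecurity's standard error-log format.
SAMPLE_LOG = '''\
ModSecurity: Access denied with code 403. XSS Attack Detected via libinjection. [id "941100"] [hostname "example.com"] [uri "/"]
ModSecurity: Access denied with code 403. XSS Attack Detected via libinjection. [id "941100"] [hostname "example.com"] [uri "/contact"]
ModSecurity: Access denied with code 403. SQL Injection Attack Detected via libinjection. [id "942100"] [hostname "shop.example.net"] [uri "/search"]
ModSecurity: Warning. Host header is a numeric IP address. [id "920350"] [hostname "example.com"] [uri "/"]
ModSecurity: Access denied with code 403. XSS Attack Detected via libinjection. [id "941100"] [hostname "not a host;"] [uri "/"]
'''

TAG = re.compile(r'\[(\w+) "([^"]*)"\]')
# The hostname tag is taken from the request's Host header, so it is
# client-controlled: accept only plain DNS names before building a command.
HOST_OK = re.compile(r'[A-Za-z0-9](?:[A-Za-z0-9.-]{0,251}[A-Za-z0-9])?')


def tally_blocks(log_text):
    """Return {hostname: Counter({rule_id: hits})} for 403 denials only."""
    per_host = defaultdict(Counter)
    for line in log_text.splitlines():
        if "Access denied with code 403" not in line:
            continue  # warnings and other non-blocking entries
        tags = dict(TAG.findall(line))
        rule_id = tags.get("id", "")
        if rule_id.isdigit():
            per_host[tags.get("hostname", "unknown")][rule_id] += 1
    return dict(per_host)


def suggest_commands(per_host, min_hits=2):
    """Per-domain disable commands for rules denied at least min_hits times."""
    commands = []
    for host in sorted(per_host):
        if not HOST_OK.fullmatch(host):
            continue  # never place an unvalidated Host value in a command
        for rule_id, hits in per_host[host].most_common():
            if hits >= min_hits:
                commands.append(
                    f"cpfence --disable-waf-domain-byid {host} {rule_id}")
    return commands


if __name__ == "__main__":
    for command in suggest_commands(tally_blocks(SAMPLE_LOG)):
        print(command)
```

A rule that fires repeatedly may be blocking real attack traffic rather than a legitimate request, so review the affected URLs before running any printed command.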

Using these tools will help you track and resolve WAF issues efficiently. You should be able to identify the problematic WAF rule ID and adjust your configuration accordingly. Check the whitelisting guide for more info. If you need further assistance or clarification, don’t hesitate to reach out to support.


Need Further Assistance?

If you encounter any issues or need additional help, feel free to reach out to our support team via your client portal.
