How to exclude ModSecurity for domain under cPanel and LiteSpeed?
As an example lets use domain joomla-ls.labtest.
Exlude usually is located at /var/cpanel/cwaf/etc/httpd/domains/000_exclude_joomla-ls.labtest\:80.conf It contains:
SecRule SERVER_NAME "(?:.*\.)?mail\.joomla-ls\.labtest(?::80)?|(?:.*\.)?www\.joomla-ls\.labtest(?::80)?|(?:.*\.)?joomla-ls\.labtest(?::80)?" "phase:1,nolog,noauditlog,allow,ctl:ruleEngine=Off,id:10001"
Such file is usually created after domain exclude in CWAF-plugin. For Apache it works, LiteSpeed 'reads' this file, but not uses it. To work with LiteSpeed code above should be located in /etc/apache2/conf.d/includes/post_virtualhost_global.conf (EA4) or in /usr/local/apache/conf/includes/post_virtualhost_global.conf (EA3) for any domain(s) user needs to exclude.
Also /var/cpanel/cwaf/etc/httpd/domains/000_exclude_joomla-ls.labtest\:80.conf and other file(s) should be removed to avoid existing rules with the same id. If this files exists LiteSpeed will work, but CWAF-plugin won't. Also if LiteSpeed is changed by Apache, it also won't work.