Hi I’m using, comodo modsecurity for cpanel, I have some question,
¿Where I can change the settings of lock after 5 attempts for brute force of joomla and wordpress.? (default rules comodo mod security)
Thanks for your reply.
You can change these values, but you’ll lose changes within first update. You can move bruteforce rules (210055, 230000-230041) into your custom rules file and change limits there to keep your modifications during update. As you told “5 attempts”, I guess you mean rules 230011 and 230021. In this case change this string
SecRule IP:MULTIPLE_USERNAME_COUNT "@gt 5"
as you wish.