Latest update to 1.13 re-enabled previously whitelisted rules.
Is there a way to import these, rather than the tedious and error prone manual update?
CSF has a good interface for handling this. If I added the above to /usr/local/apache/conf/modsec2.whitelist.conf , would it take effect, or be overridden?
For now it would be overridden during update. But you can create symlink, for example:
ln -s /usr/local/apache/conf/modsec2.whitelist.conf /var/cpanel/cwaf/etc/httpd/global/zzz_user_whitelist.conf
So you can use CSF to create whitelists available for CWAF.
In next releases we plan to add interface for whitelisted rules, so you will be able to erase this symlink.
So are you saying that CSF and CWAF are compatible if you link the files? Been trying to understand compatability.
Since CSF is working with modsec2.whitelist.conf and this file is linked to CWAF directory - yes, CFS can be used to edit file recognized by CWAF for now.