Hello, if you’ve recently added a domain to your OpenPanel and noticed that your domains are not working (Caddy is failing to start), this is likely due to updated WAF rules from the Core Rule Set. Specifically, the issue is in the file:
REQUEST-941-APPLICATION-ATTACK-XSS.conf
The problem has been discussed and tracked here:
As a quick fix, you can enable the problematic WAF rules fie with the following commands:
mv /etc/openpanel/caddy/coreruleset/rules/REQUEST-941-APPLICATION-ATTACK-XSS.conf.disabled /etc/openpanel/caddy/coreruleset/rules/REQUEST-941-APPLICATION-ATTACK-XSS.conf && docker restart caddy
After this, Caddy should start normally.