Differences
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Next revision Both sides next revision | ||
litespeed_wiki:waf:comodo [2017/09/05 16:21] Eric Leu [Configuring Comodo] |
litespeed_wiki:waf:comodo [2018/05/16 19:37] Eric Leu [Verify Comodo] |
||
---|---|---|---|
Line 1: | Line 1: | ||
- | ====== How to setup comodo on LiteSpeed Web Server with cPanel====== | + | ====== How to Setup Comodo on LiteSpeed Web Server with cPanel====== |
- | [[https://waf.comodo.com/ | Comodo ]] is a Mod_Security rule set create by the Comodo Team. It provides real time protection for web apps running on the LiteSpeed Web Server | + | [[https://waf.comodo.com/ | Comodo ]] is a Mod_Security rule set created by the Comodo Team. It provides real time protection for web apps running on the LiteSpeed Web Server. Its functions include: |
+ | * Protecting sensitive customer data | ||
+ | * Meeting PCI compliance requirements | ||
+ | * Blocking unauthorized access | ||
+ | * Preventing SQL injection and Cross Site Scripting (XSS) attacks | ||
===== Install Comodo ===== | ===== Install Comodo ===== | ||
- | - Signing-up for a Comodo User Account at [[https://waf.comodo.com/|here]]\\ | + | - Sign up for a Comodo user account [[https://waf.comodo.com/|here]]\\ |
- | - Install cwaf script \\ <code> wget https://waf.comodo.com/cpanel/cwaf_client_install.sh | + | - Install CWAF script \\ <code> wget https://waf.comodo.com/cpanel/cwaf_client_install.sh |
sh cwaf_client_install.sh</code> | sh cwaf_client_install.sh</code> | ||
- | - Install step by step with prompt window \\ {{:litespeed_wiki:waf:comodo-1.png?500|}} | + | - Follow the step-by-step prompts. The installation will detect which web server is running (Apache, LiteSpeed or Nginx) \\ {{:litespeed_wiki:waf:comodo-1.png?500|}} |
===== Configuring Comodo ===== | ===== Configuring Comodo ===== | ||
- | - Login WHM control panel, search comodo from search bar. You will see the main Comodo WAF Plugin Dashboard | + | - Login to the WHM control panel, search for ''comodo'' from the search bar. You will see the main Comodo WAF plugin dashboard |
- | - Click on tab **Configuration** and update your CWAF credentials | + | - Click on the **Configuration** tab and update your CWAF credentials |
- | - Click on tab **Main** and update rule versions | + | - Click on the **Main** tab and update rule versions |
- | - Then, you will see current rules version shows '''Latest version''' \\ {{:litespeed_wiki:waf:comodo-3.png?500|}} | + | |
+ | Once completed, you will notice that the current rules version shows the correct ''Latest version'' \\ {{:litespeed_wiki:waf:comodo-3.png?500|}} | ||
===== Verify Comodo ===== | ===== Verify Comodo ===== | ||
- | - After setup comodo, you may need to restart LiteSpeed Web Server | + | ====Method 1==== |
- | - To check CWAF for protection, send the request as shown below: \\ <nowiki> http://$server_domain/ </nowiki> **?a=b AND 1=1**, server will response 403 status code \\ {{:litespeed_wiki:waf:comodo-5.png?500|}} | + | - To check CWAF for protection, send the request as shown below: <code>http://$server_domain/?a=b AND 1=1</code> The server will respond with a 403 status code \\ {{:litespeed_wiki:waf:comodo-5.png?500|}} |
+ | |||
+ | ====Method 2: Command injection attack==== | ||
+ | - Create a delete.php file with following codes \\ <code> | ||
+ | <?php | ||
+ | print("Please specify the name of the file to delete"); | ||
+ | print("<p>"); | ||
+ | $file=$_GET['filename']; | ||
+ | system("rm $file"); | ||
+ | ?> | ||
+ | </code> | ||
+ | - Create a dummy file \\ <code>touch bob.txt</code> | ||
+ | - Open <code> http://$server_domain/delete.php?filename=bob.txt;id </code> | ||
+ | If WAF works, you will get a 403 forbidden page | ||
===== Uninstall Comodo ===== | ===== Uninstall Comodo ===== | ||
- | - Run uninstall script <code>cd /var/cpanel/cwaf | + | - Run the uninstall script <code>cd /var/cpanel/cwaf |
bash /var/cpanel/cwaf/scripts/uninstall_cwaf.sh</code> | bash /var/cpanel/cwaf/scripts/uninstall_cwaf.sh</code> | ||
- | - Enter ansewer[y/n] y \\ | + | - Answer ''y'' |
- | - Then Comodo WAF should be gone after that. | + | |
+ | Once completed, Comodo WAF will be gone. | ||