Differences
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Last revision Both sides next revision | ||
litespeed_wiki:waf:comodo [2017/09/05 17:38] Eric Leu [How to setup comodo on LiteSpeed Web Server with cPanel] |
litespeed_wiki:waf:comodo [2018/11/08 20:49] Jackson Zhang [Method 2: Command injection attack] |
||
---|---|---|---|
Line 1: | Line 1: | ||
- | ====== How to setup comodo on LiteSpeed Web Server with cPanel====== | + | ====== How to Setup Comodo on LiteSpeed Web Server with cPanel====== |
- | [[https://waf.comodo.com/ | Comodo ]] is a Mod_Security rule set create by the Comodo Team. It provides real time protection for web apps running on the LiteSpeed Web Server, e.g.: | + | [[https://waf.comodo.com/ | Comodo ]] is a Mod_Security rule set created by the Comodo Team. It provides real time protection for web apps running on the LiteSpeed Web Server. Its functions include: |
- | - Protect sensitive customer data | + | * Protecting sensitive customer data |
- | - Meet PCI compliance requirements | + | * Meeting PCI compliance requirements |
- | - Block unauthorized access | + | * Blocking unauthorized access |
- | - Prevent SQL injection and Cross Site Scripting (XSS) attacks | + | * Preventing SQL injection and Cross Site Scripting (XSS) attacks |
+ | ===== Deploy Comodo ModSecurity Rule Set in cPanel ===== | ||
+ | There are two ways to install comodo modsecurity rule set in cpanel, through cpanel mod_security vendor manager or through comodo cpanel plugin. | ||
- | ===== Install Comodo ===== | + | ==== Method 1: Install Comodo rule set through cpanel mod_security vendor manager ==== |
- | - Signing-up for a Comodo User Account at [[https://waf.comodo.com/|here]]\\ | + | |
- | - Install cwaf script \\ <code> wget https://waf.comodo.com/cpanel/cwaf_client_install.sh | + | Log into WHM -> Security Center -> ModSecurity Vendor -> Add vendor: |
+ | {{ :litespeed_wiki:waf:cpanel-modsecurity-addvendor.png?600 |}} | ||
+ | |||
+ | Vendor Configuration URL For Comodo ModSecurity LiteSpeed Rule Set is | ||
+ | https://waf.comodo.com/doc/meta_comodo_litespeed.yaml | ||
+ | {{ :litespeed_wiki:waf:cpanel-modsecurity-addvendor-loadurl.png?600 |}} | ||
+ | |||
+ | click "load", then the vendor details will be fetched and automatically filled in the fields. Then "save". | ||
+ | You can also check the [[https://help.comodo.com/topic-212-1-670-8350-.html|instructions]] from Comodo directly. | ||
+ | |||
+ | ==== Method 2: Install Comodo rule set through Comodo plugin ==== | ||
+ | - Sign up for a Comodo user account [[https://waf.comodo.com/|here]]\\ | ||
+ | - Install CWAF script \\ <code> wget https://waf.comodo.com/cpanel/cwaf_client_install.sh | ||
sh cwaf_client_install.sh</code> | sh cwaf_client_install.sh</code> | ||
- | - Install step by step with prompt window, it will detect which web server is running (Apache, LiteSpeed or Nginx) \\ {{:litespeed_wiki:waf:comodo-1.png?500|}} | + | - Follow the step-by-step prompts. The installation will detect which web server is running (Apache, LiteSpeed or Nginx) \\ {{:litespeed_wiki:waf:comodo-1.png?500|}} |
- | ===== Configuring Comodo ===== | + | Configuring Comodo |
- | - Login WHM control panel, search comodo from search bar. You will see the main Comodo WAF Plugin Dashboard | + | - Login to the WHM control panel, search for ''comodo'' from the search bar. You will see the main Comodo WAF plugin dashboard |
- | - Click on tab **Configuration** and update your CWAF credentials | + | - Click on the **Configuration** tab and update your CWAF credentials |
- | - Click on tab **Main** and update rule versions | + | - Click on the **Main** tab and update rule versions |
- | - Then, you will see current rules version shows ''Latest version'' \\ {{:litespeed_wiki:waf:comodo-3.png?500|}} | + | |
+ | Once completed, you will notice that the current rules version shows the correct ''Latest version'' \\ {{:litespeed_wiki:waf:comodo-3.png?500|}} | ||
===== Verify Comodo ===== | ===== Verify Comodo ===== | ||
- | - After setup comodo, you may need to restart LiteSpeed Web Server | + | ====Method 1==== |
- | - To check CWAF for protection, send the request as shown below: \\ <nowiki> http://$server_domain/ </nowiki> **?a=b AND 1=1**, server will response 403 status code \\ {{:litespeed_wiki:waf:comodo-5.png?500|}} | + | - To check CWAF for protection, send the request as shown below: <code>http://$server_domain/?a=b AND 1=1</code> The server will respond with a 403 status code \\ {{:litespeed_wiki:waf:comodo-5.png?500|}} |
+ | |||
+ | ====Method 2 ==== | ||
+ | You can check that CWAF works properly by sending a GET or POST request parameter ''cwaf_test_request=a12875a9e62e1ecbcd1dded1879ab06949566276'' | ||
+ | |||
+ | Like this: | ||
+ | |||
+ | http://$server_domain/?cwaf_test_request=a12875a9e62e1ecbcd1dded1879ab06949566276 | ||
+ | |||
+ | If the web server returns a 403 Forbidden status, then CWAF works fine. | ||
===== Uninstall Comodo ===== | ===== Uninstall Comodo ===== | ||
- | - Run uninstall script <code>cd /var/cpanel/cwaf | + | - Run the uninstall script <code>cd /var/cpanel/cwaf |
bash /var/cpanel/cwaf/scripts/uninstall_cwaf.sh</code> | bash /var/cpanel/cwaf/scripts/uninstall_cwaf.sh</code> | ||
- | - Enter ansewer[y/n] y \\ | + | - Answer ''y'' |
- | - Then Comodo WAF should be gone after that. | + | |
+ | Once completed, Comodo WAF will be gone. | ||