Differences
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Next revision Both sides next revision | ||
litespeed_wiki:waf:comodo [2017/09/05 17:57] Lisa Clarke |
litespeed_wiki:waf:comodo [2018/11/08 20:47] Jackson Zhang |
||
---|---|---|---|
Line 1: | Line 1: | ||
====== How to Setup Comodo on LiteSpeed Web Server with cPanel====== | ====== How to Setup Comodo on LiteSpeed Web Server with cPanel====== | ||
[[https://waf.comodo.com/ | Comodo ]] is a Mod_Security rule set created by the Comodo Team. It provides real time protection for web apps running on the LiteSpeed Web Server. Its functions include: | [[https://waf.comodo.com/ | Comodo ]] is a Mod_Security rule set created by the Comodo Team. It provides real time protection for web apps running on the LiteSpeed Web Server. Its functions include: | ||
- | * Protect sensitive customer data | + | * Protecting sensitive customer data |
- | * Meet PCI compliance requirements | + | * Meeting PCI compliance requirements |
- | * Block unauthorized access | + | * Blocking unauthorized access |
- | * Prevent SQL injection and Cross Site Scripting (XSS) attacks | + | * Preventing SQL injection and Cross Site Scripting (XSS) attacks |
- | ===== Install Comodo ===== | + | ===== Deploy Comodo ModSecurity Rule Set in cPanel ===== |
+ | There are two ways to install comodo modsecurity rule set in cpanel, through cpanel mod_security vendor manager or through comodo cpanel plugin. | ||
+ | |||
+ | ==== Method 1: Install Comodo rule set through cpanel mod_security vendor manager ==== | ||
+ | |||
+ | Log into WHM -> Security Center -> ModSecurity Vendor -> Add vendor: | ||
+ | {{ :litespeed_wiki:waf:cpanel-modsecurity-addvendor.png?600 |}} | ||
+ | |||
+ | Vendor Configuration URL For Comodo ModSecurity LiteSpeed Rule Set is | ||
+ | https://waf.comodo.com/doc/meta_comodo_litespeed.yaml | ||
+ | {{ :litespeed_wiki:waf:cpanel-modsecurity-addvendor-loadurl.png?600 |}} | ||
+ | |||
+ | click "load", then the vendor details will be fetched and automatically filled in the fields. Then "save". | ||
+ | You can also check the [[https://help.comodo.com/topic-212-1-670-8350-.html|instructions]] from Comodo directly. | ||
+ | |||
+ | ==== Method 2: Install Comodo rule set through Comodo plugin ==== | ||
- Sign up for a Comodo user account [[https://waf.comodo.com/|here]]\\ | - Sign up for a Comodo user account [[https://waf.comodo.com/|here]]\\ | ||
- Install CWAF script \\ <code> wget https://waf.comodo.com/cpanel/cwaf_client_install.sh | - Install CWAF script \\ <code> wget https://waf.comodo.com/cpanel/cwaf_client_install.sh | ||
Line 12: | Line 27: | ||
- Follow the step-by-step prompts. The installation will detect which web server is running (Apache, LiteSpeed or Nginx) \\ {{:litespeed_wiki:waf:comodo-1.png?500|}} | - Follow the step-by-step prompts. The installation will detect which web server is running (Apache, LiteSpeed or Nginx) \\ {{:litespeed_wiki:waf:comodo-1.png?500|}} | ||
- | ===== Configuring Comodo ===== | + | Configuring Comodo |
- Login to the WHM control panel, search for ''comodo'' from the search bar. You will see the main Comodo WAF plugin dashboard | - Login to the WHM control panel, search for ''comodo'' from the search bar. You will see the main Comodo WAF plugin dashboard | ||
- Click on the **Configuration** tab and update your CWAF credentials | - Click on the **Configuration** tab and update your CWAF credentials | ||
Line 20: | Line 35: | ||
===== Verify Comodo ===== | ===== Verify Comodo ===== | ||
- | - After setting up Comodo, you may need to restart LiteSpeed Web Server | + | ====Method 1==== |
- To check CWAF for protection, send the request as shown below: <code>http://$server_domain/?a=b AND 1=1</code> The server will respond with a 403 status code \\ {{:litespeed_wiki:waf:comodo-5.png?500|}} | - To check CWAF for protection, send the request as shown below: <code>http://$server_domain/?a=b AND 1=1</code> The server will respond with a 403 status code \\ {{:litespeed_wiki:waf:comodo-5.png?500|}} | ||
+ | |||
+ | ====Method 2: Command injection attack==== | ||
+ | - Create a delete.php file with following codes \\ <code> | ||
+ | <?php | ||
+ | print("Please specify the name of the file to delete"); | ||
+ | print("<p>"); | ||
+ | $file=$_GET['filename']; | ||
+ | system("rm $file"); | ||
+ | ?> | ||
+ | </code> | ||
+ | - Create a dummy file \\ <code>touch bob.txt</code> | ||
+ | - Open <code> http://$server_domain/delete.php?filename=bob.txt;id </code> | ||
+ | If WAF works, you will get a 403 forbidden page | ||
===== Uninstall Comodo ===== | ===== Uninstall Comodo ===== |