Differences

This shows you the differences between two versions of the page.

--- litespeed_wiki:waf:comodo [2017/09/05 17:57]
Lisa Clarke
+++ litespeed_wiki:waf:comodo [2018/11/08 20:47]
Jackson Zhang
@@ Line 1: / Line 1: @@
 ====== How to Setup Comodo on LiteSpeed Web Server with cPanel======
 [[https://waf.comodo.com/ | Comodo ]] is a Mod_Security rule set created by the Comodo Team. It provides real time protection for web apps running on the LiteSpeed Web Server. Its functions include:
-  * Protect sensitive customer data
+  * Protecting sensitive customer data
-  * Meet PCI compliance requirements
+  * Meeting PCI compliance requirements
-  * Block unauthorized access
+  * Blocking unauthorized access
-  * Prevent SQL injection and Cross Site Scripting (XSS) attacks
+  * Preventing SQL injection and Cross Site Scripting (XSS) attacks
-===== Install Comodo =====
+===== Deploy Comodo ModSecurity Rule Set in cPanel =====
+There are two ways to install comodo modsecurity rule set in cpanel, through cpanel mod_security vendor manager or through comodo cpanel plugin.
+==== Method 1: Install Comodo rule set through cpanel mod_security vendor manager ====
+Log into WHM -> Security Center -> ModSecurity Vendor -> Add vendor:
+{{ :litespeed_wiki:waf:cpanel-modsecurity-addvendor.png?600 |}}
+Vendor Configuration URL For Comodo ModSecurity LiteSpeed Rule Set is
+  https://waf.comodo.com/doc/meta_comodo_litespeed.yaml
+{{ :litespeed_wiki:waf:cpanel-modsecurity-addvendor-loadurl.png?600 |}}
+click "load", then the vendor details will be fetched and automatically filled in the fields. Then "save".
+You can also check the [[https://help.comodo.com/topic-212-1-670-8350-.html|instructions]] from Comodo directly.
+==== Method 2: Install Comodo rule set through Comodo plugin  ====
   - Sign up for a Comodo user account [[https://waf.comodo.com/|here]]\\
   - Install CWAF script \\ <code> wget https://waf.comodo.com/cpanel/cwaf_client_install.sh
@@ Line 12: / Line 27: @@
   - Follow the step-by-step prompts. The installation will detect which web server is running (Apache, LiteSpeed or Nginx) \\ {{:litespeed_wiki:waf:comodo-1.png?500|}}
-===== Configuring Comodo =====
+ Configuring Comodo
   - Login to the WHM control panel, search for ''comodo'' from the search bar. You will see the main Comodo WAF plugin dashboard
   - Click on the **Configuration** tab and update your CWAF credentials
@@ Line 20: / Line 35: @@
 ===== Verify Comodo =====
-  - After setting up Comodo, you may need to restart LiteSpeed Web Server
+====Method 1====
   - To check CWAF for protection, send the request as shown below: <code>http://$server_domain/?a=b AND 1=1</code> The server will respond with a 403 status code \\ {{:litespeed_wiki:waf:comodo-5.png?500|}}
+====Method 2: Command injection attack====
+  - Create a delete.php file with following codes \\ <code>
+<?php
+print("Please specify the name of the file to delete");
+print("<p>");
+$file=$_GET['filename'];
+system("rm $file");
+?>
+</code>
+  - Create a dummy file \\ <code>touch bob.txt</code>
+  - Open <code> http://$server_domain/delete.php?filename=bob.txt;id </code>
+If WAF works, you will get a 403 forbidden page
 ===== Uninstall Comodo =====