Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision Last revision Both sides next revision | ||
|
litespeed_wiki:waf:comodo [2017/09/05 17:36] Eric Leu [Install Comodo] |
litespeed_wiki:waf:comodo [2018/11/08 20:49] Jackson Zhang [Method 2: Command injection attack] |
||
|---|---|---|---|
| Line 1: | Line 1: | ||
| - | ====== How to setup comodo on LiteSpeed Web Server with cPanel====== | + | ====== How to Setup Comodo on LiteSpeed Web Server with cPanel====== |
| - | [[https://waf.comodo.com/ | Comodo ]] is a Mod_Security rule set create by the Comodo Team. It provides real time protection for web apps running on the LiteSpeed Web Server | + | [[https://waf.comodo.com/ | Comodo ]] is a Mod_Security rule set created by the Comodo Team. It provides real time protection for web apps running on the LiteSpeed Web Server. Its functions include: |
| + | * Protecting sensitive customer data | ||
| + | * Meeting PCI compliance requirements | ||
| + | * Blocking unauthorized access | ||
| + | * Preventing SQL injection and Cross Site Scripting (XSS) attacks | ||
| + | ===== Deploy Comodo ModSecurity Rule Set in cPanel ===== | ||
| + | There are two ways to install comodo modsecurity rule set in cpanel, through cpanel mod_security vendor manager or through comodo cpanel plugin. | ||
| - | ===== Install Comodo ===== | + | ==== Method 1: Install Comodo rule set through cpanel mod_security vendor manager ==== |
| - | - Signing-up for a Comodo User Account at [[https://waf.comodo.com/|here]]\\ | + | |
| - | - Install cwaf script \\ <code> wget https://waf.comodo.com/cpanel/cwaf_client_install.sh | + | Log into WHM -> Security Center -> ModSecurity Vendor -> Add vendor: |
| + | {{ :litespeed_wiki:waf:cpanel-modsecurity-addvendor.png?600 |}} | ||
| + | |||
| + | Vendor Configuration URL For Comodo ModSecurity LiteSpeed Rule Set is | ||
| + | https://waf.comodo.com/doc/meta_comodo_litespeed.yaml | ||
| + | {{ :litespeed_wiki:waf:cpanel-modsecurity-addvendor-loadurl.png?600 |}} | ||
| + | |||
| + | click "load", then the vendor details will be fetched and automatically filled in the fields. Then "save". | ||
| + | You can also check the [[https://help.comodo.com/topic-212-1-670-8350-.html|instructions]] from Comodo directly. | ||
| + | |||
| + | ==== Method 2: Install Comodo rule set through Comodo plugin ==== | ||
| + | - Sign up for a Comodo user account [[https://waf.comodo.com/|here]]\\ | ||
| + | - Install CWAF script \\ <code> wget https://waf.comodo.com/cpanel/cwaf_client_install.sh | ||
| sh cwaf_client_install.sh</code> | sh cwaf_client_install.sh</code> | ||
| - | - Install step by step with prompt window, it will detect which web server is running (Apache, LiteSpeed or Nginx) \\ {{:litespeed_wiki:waf:comodo-1.png?500|}} | + | - Follow the step-by-step prompts. The installation will detect which web server is running (Apache, LiteSpeed or Nginx) \\ {{:litespeed_wiki:waf:comodo-1.png?500|}} |
| - | ===== Configuring Comodo ===== | + | Configuring Comodo |
| - | - Login WHM control panel, search comodo from search bar. You will see the main Comodo WAF Plugin Dashboard | + | - Login to the WHM control panel, search for ''comodo'' from the search bar. You will see the main Comodo WAF plugin dashboard |
| - | - Click on tab **Configuration** and update your CWAF credentials | + | - Click on the **Configuration** tab and update your CWAF credentials |
| - | - Click on tab **Main** and update rule versions | + | - Click on the **Main** tab and update rule versions |
| - | - Then, you will see current rules version shows ''Latest version'' \\ {{:litespeed_wiki:waf:comodo-3.png?500|}} | + | |
| + | Once completed, you will notice that the current rules version shows the correct ''Latest version'' \\ {{:litespeed_wiki:waf:comodo-3.png?500|}} | ||
| ===== Verify Comodo ===== | ===== Verify Comodo ===== | ||
| - | - After setup comodo, you may need to restart LiteSpeed Web Server | + | ====Method 1==== |
| - | - To check CWAF for protection, send the request as shown below: \\ <nowiki> http://$server_domain/ </nowiki> **?a=b AND 1=1**, server will response 403 status code \\ {{:litespeed_wiki:waf:comodo-5.png?500|}} | + | - To check CWAF for protection, send the request as shown below: <code>http://$server_domain/?a=b AND 1=1</code> The server will respond with a 403 status code \\ {{:litespeed_wiki:waf:comodo-5.png?500|}} |
| + | |||
| + | ====Method 2 ==== | ||
| + | You can check that CWAF works properly by sending a GET or POST request parameter ''cwaf_test_request=a12875a9e62e1ecbcd1dded1879ab06949566276'' | ||
| + | |||
| + | Like this: | ||
| + | |||
| + | http://$server_domain/?cwaf_test_request=a12875a9e62e1ecbcd1dded1879ab06949566276 | ||
| + | |||
| + | If the web server returns a 403 Forbidden status, then CWAF works fine. | ||
| ===== Uninstall Comodo ===== | ===== Uninstall Comodo ===== | ||
| - | - Run uninstall script <code>cd /var/cpanel/cwaf | + | - Run the uninstall script <code>cd /var/cpanel/cwaf |
| bash /var/cpanel/cwaf/scripts/uninstall_cwaf.sh</code> | bash /var/cpanel/cwaf/scripts/uninstall_cwaf.sh</code> | ||
| - | - Enter ansewer[y/n] y \\ | + | - Answer ''y'' |
| - | - Then Comodo WAF should be gone after that. | + | |
| + | Once completed, Comodo WAF will be gone. | ||