Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision Last revision Both sides next revision | ||
|
litespeed_wiki:waf:comodo [2017/09/05 21:34] Ron Saad [How to Setup Comodo on LiteSpeed Web Server with cPanel] |
litespeed_wiki:waf:comodo [2018/11/08 20:49] Jackson Zhang [Method 2: Command injection attack] |
||
|---|---|---|---|
| Line 6: | Line 6: | ||
| * Preventing SQL injection and Cross Site Scripting (XSS) attacks | * Preventing SQL injection and Cross Site Scripting (XSS) attacks | ||
| - | ===== Install Comodo ===== | + | ===== Deploy Comodo ModSecurity Rule Set in cPanel ===== |
| + | There are two ways to install comodo modsecurity rule set in cpanel, through cpanel mod_security vendor manager or through comodo cpanel plugin. | ||
| + | |||
| + | ==== Method 1: Install Comodo rule set through cpanel mod_security vendor manager ==== | ||
| + | |||
| + | Log into WHM -> Security Center -> ModSecurity Vendor -> Add vendor: | ||
| + | {{ :litespeed_wiki:waf:cpanel-modsecurity-addvendor.png?600 |}} | ||
| + | |||
| + | Vendor Configuration URL For Comodo ModSecurity LiteSpeed Rule Set is | ||
| + | https://waf.comodo.com/doc/meta_comodo_litespeed.yaml | ||
| + | {{ :litespeed_wiki:waf:cpanel-modsecurity-addvendor-loadurl.png?600 |}} | ||
| + | |||
| + | click "load", then the vendor details will be fetched and automatically filled in the fields. Then "save". | ||
| + | You can also check the [[https://help.comodo.com/topic-212-1-670-8350-.html|instructions]] from Comodo directly. | ||
| + | |||
| + | ==== Method 2: Install Comodo rule set through Comodo plugin ==== | ||
| - Sign up for a Comodo user account [[https://waf.comodo.com/|here]]\\ | - Sign up for a Comodo user account [[https://waf.comodo.com/|here]]\\ | ||
| - Install CWAF script \\ <code> wget https://waf.comodo.com/cpanel/cwaf_client_install.sh | - Install CWAF script \\ <code> wget https://waf.comodo.com/cpanel/cwaf_client_install.sh | ||
| Line 12: | Line 27: | ||
| - Follow the step-by-step prompts. The installation will detect which web server is running (Apache, LiteSpeed or Nginx) \\ {{:litespeed_wiki:waf:comodo-1.png?500|}} | - Follow the step-by-step prompts. The installation will detect which web server is running (Apache, LiteSpeed or Nginx) \\ {{:litespeed_wiki:waf:comodo-1.png?500|}} | ||
| - | ===== Configuring Comodo ===== | + | Configuring Comodo |
| - Login to the WHM control panel, search for ''comodo'' from the search bar. You will see the main Comodo WAF plugin dashboard | - Login to the WHM control panel, search for ''comodo'' from the search bar. You will see the main Comodo WAF plugin dashboard | ||
| - Click on the **Configuration** tab and update your CWAF credentials | - Click on the **Configuration** tab and update your CWAF credentials | ||
| Line 20: | Line 35: | ||
| ===== Verify Comodo ===== | ===== Verify Comodo ===== | ||
| - | - After setting up Comodo, you may need to restart LiteSpeed Web Server | + | ====Method 1==== |
| - To check CWAF for protection, send the request as shown below: <code>http://$server_domain/?a=b AND 1=1</code> The server will respond with a 403 status code \\ {{:litespeed_wiki:waf:comodo-5.png?500|}} | - To check CWAF for protection, send the request as shown below: <code>http://$server_domain/?a=b AND 1=1</code> The server will respond with a 403 status code \\ {{:litespeed_wiki:waf:comodo-5.png?500|}} | ||
| + | |||
| + | ====Method 2 ==== | ||
| + | You can check that CWAF works properly by sending a GET or POST request parameter ''cwaf_test_request=a12875a9e62e1ecbcd1dded1879ab06949566276'' | ||
| + | |||
| + | Like this: | ||
| + | |||
| + | http://$server_domain/?cwaf_test_request=a12875a9e62e1ecbcd1dded1879ab06949566276 | ||
| + | |||
| + | If the web server returns a 403 Forbidden status, then CWAF works fine. | ||
| + | |||
| ===== Uninstall Comodo ===== | ===== Uninstall Comodo ===== | ||