Differences

This shows you the differences between two versions of the page.

--- litespeed_wiki:waf:comodo [2018/05/16 19:37]
Eric Leu [Verify Comodo]
+++ litespeed_wiki:waf:comodo [2018/11/08 20:49]
Jackson Zhang [Method 2: Command injection attack]
@@ Line 6: / Line 6: @@
   * Preventing SQL injection and Cross Site Scripting (XSS) attacks
-===== Install Comodo =====
+===== Deploy Comodo ModSecurity Rule Set in cPanel =====
+There are two ways to install comodo modsecurity rule set in cpanel, through cpanel mod_security vendor manager or through comodo cpanel plugin.
+==== Method 1: Install Comodo rule set through cpanel mod_security vendor manager ====
+Log into WHM -> Security Center -> ModSecurity Vendor -> Add vendor:
+{{ :litespeed_wiki:waf:cpanel-modsecurity-addvendor.png?600 |}}
+Vendor Configuration URL For Comodo ModSecurity LiteSpeed Rule Set is
+  https://waf.comodo.com/doc/meta_comodo_litespeed.yaml
+{{ :litespeed_wiki:waf:cpanel-modsecurity-addvendor-loadurl.png?600 |}}
+click "load", then the vendor details will be fetched and automatically filled in the fields. Then "save".
+You can also check the [[https://help.comodo.com/topic-212-1-670-8350-.html|instructions]] from Comodo directly.
+==== Method 2: Install Comodo rule set through Comodo plugin  ====
   - Sign up for a Comodo user account [[https://waf.comodo.com/|here]]\\
   - Install CWAF script \\ <code> wget https://waf.comodo.com/cpanel/cwaf_client_install.sh
@@ Line 12: / Line 27: @@
   - Follow the step-by-step prompts. The installation will detect which web server is running (Apache, LiteSpeed or Nginx) \\ {{:litespeed_wiki:waf:comodo-1.png?500|}}
-===== Configuring Comodo =====
+ Configuring Comodo
   - Login to the WHM control panel, search for ''comodo'' from the search bar. You will see the main Comodo WAF plugin dashboard
   - Click on the **Configuration** tab and update your CWAF credentials
@@ Line 23: / Line 38: @@
   - To check CWAF for protection, send the request as shown below: <code>http://$server_domain/?a=b AND 1=1</code> The server will respond with a 403 status code \\ {{:litespeed_wiki:waf:comodo-5.png?500|}}
-====Method 2: Command injection attack====
+====Method 2 ====
-  - Create a delete.php file with following codes \\ <code>
+You can check that CWAF works properly by sending a GET or POST request parameter ''cwaf_test_request=a12875a9e62e1ecbcd1dded1879ab06949566276''
-<?php
-print("Please specify the name of the file to delete");
+Like this:
-print("<p>");
-$file=$_GET['filename'];
+  http://$server_domain/?cwaf_test_request=a12875a9e62e1ecbcd1dded1879ab06949566276
-system("rm $file");
-?>
+If the web server returns a 403 Forbidden status, then CWAF works fine.
-</code>
-  - Create a dummy file \\ <code>touch bob.txt</code>
-  - Open <code> http://$server_domain/delete.php?filename=bob.txt;id </code>
-If WAF works, you will get a 403 forbidden page
 ===== Uninstall Comodo =====