Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
litespeed_wiki:waf:comodo [2017/09/05 17:36]
Eric Leu [Install Comodo]
litespeed_wiki:waf:comodo [2018/11/08 20:57] (current)
Jackson Zhang [Uninstall Comodo]
Line 1: Line 1:
-====== How to setup comodo ​on LiteSpeed Web Server with cPanel====== +====== How to Setup Comodo ​on LiteSpeed Web Server with cPanel====== 
-[[https://​waf.comodo.com/​ | Comodo ]] is a Mod_Security rule set create ​by the Comodo Team. It provides real time protection for web apps running on the LiteSpeed Web Server+[[https://​waf.comodo.com/​ | Comodo ]] is a Mod_Security rule set created ​by the Comodo Team. It provides real time protection for web apps running on the LiteSpeed Web Server. Its functions include: 
 +  * Protecting sensitive customer data 
 +  * Meeting PCI compliance requirements 
 +  * Blocking unauthorized access 
 +  * Preventing SQL injection and Cross Site Scripting (XSS) attacks
  
 +===== Deploy Comodo ModSecurity Rule Set in cPanel =====
 +There are two ways to install comodo modsecurity rule set in cpanel, through cpanel mod_security vendor manager or through comodo cpanel plugin. ​
  
-====Install Comodo ​===== +==== Method 1: Install Comodo ​rule set through cpanel mod_security vendor manager ​==== 
-  - Signing-up for a Comodo ​User Account at [[https://​waf.comodo.com/​|here]]\\ + 
-  - Install ​cwaf script \\ <​code>​ wget https://​waf.comodo.com/​cpanel/​cwaf_client_install.sh+Log into WHM -> Security Center -> ModSecurity Vendor -> Add vendor: 
 +{{ :​litespeed_wiki:​waf:​cpanel-modsecurity-addvendor.png?​600 |}} 
 + 
 +Vendor Configuration URL For Comodo ModSecurity LiteSpeed Rule Set is 
 +  ​https://​waf.comodo.com/​doc/​meta_comodo_litespeed.yaml 
 +{{ :​litespeed_wiki:​waf:​cpanel-modsecurity-addvendor-loadurl.png?​600 |}} 
 + 
 +click "​load",​ then the vendor details will be fetched and automatically filled in the fields. Then "​save"​. 
 +You can also check the [[https://​help.comodo.com/​topic-212-1-670-8350-.html|instructions]] from Comodo directly. ​  
 + 
 +==== Method 2: Install Comodo rule set through Comodo plugin ​ ==== 
 +  ​Sign up for a Comodo ​user account ​[[https://​waf.comodo.com/​|here]]\\ 
 +  - Install ​CWAF script \\ <​code>​ wget https://​waf.comodo.com/​cpanel/​cwaf_client_install.sh
  sh cwaf_client_install.sh</​code>​  sh cwaf_client_install.sh</​code>​
-  - Install ​step by step with prompt window, it will detect which web server is running (Apache, LiteSpeed or Nginx) \\ {{:​litespeed_wiki:​waf:​comodo-1.png?​500|}}+  - Follow the step-by-step prompts. The installation ​will detect which web server is running (Apache, LiteSpeed or Nginx) \\ {{:​litespeed_wiki:​waf:​comodo-1.png?​500|}}
  
-===== Configuring Comodo ​===== + Configuring Comodo  
-  - Login WHM control panel, search comodo from search bar. You will see the main Comodo WAF Plugin Dashboard +  - Login to the WHM control panel, search ​for ''​comodo'' ​from the search bar. You will see the main Comodo WAF plugin dashboard 
-  - Click on tab **Configuration** and update your CWAF credentials +  - Click on the **Configuration** ​tab and update your CWAF credentials 
-  - Click on tab **Main** and update rule versions +  - Click on the **Main** ​tab and update rule versions 
-  - Then, you will see current rules version shows ''​Latest version''​ \\    {{:​litespeed_wiki:​waf:​comodo-3.png?​500|}}+ 
 +Once completed, you will notice that the current rules version shows the correct ​''​Latest version''​ \\    {{:​litespeed_wiki:​waf:​comodo-3.png?​500|}}
  
 ===== Verify Comodo ===== ===== Verify Comodo =====
-  - After setup comodo, you may need to restart LiteSpeed Web Server +====Method 1==== 
-  - To check CWAF for protection, send the request as shown below: ​\\ <nowiki> http://​$server_domain/ ​</​nowiki>​ **?a=b AND 1=1**, server will response ​403 status code \\ {{:​litespeed_wiki:​waf:​comodo-5.png?​500|}}+  - To check CWAF for protection, send the request as shown below: <code>​http://​$server_domain/?​a=b AND 1=1</​code>​ The server will respond with a 403 status code \\ {{:​litespeed_wiki:​waf:​comodo-5.png?​500|}} 
 + 
 +====Method 2 ==== 
 +You can check that CWAF works properly by sending a GET or POST request parameter ''​cwaf_test_request=a12875a9e62e1ecbcd1dded1879ab06949566276''​ 
 + 
 +Like this: 
 + 
 +  http://​$server_domain/?​cwaf_test_request=a12875a9e62e1ecbcd1dded1879ab06949566276 
 + 
 +If the web server returns a 403 Forbidden status, then CWAF works fine. 
  
 ===== Uninstall Comodo ===== ===== Uninstall Comodo =====
-  ​- Run uninstall script <​code>​cd /​var/​cpanel/​cwaf+ 
 +You can uninstall comodo rule sets through the same way as you installed them.  
 + 
 +==== Through cpanel ModSecurity™ Vendors manager ==== 
 +If you install comodo rules set through cpanel ModSecurity™ Vendors manager, you can simple to there and click "​delete"​. 
 +{{ :​litespeed_wiki:​waf:​cpanel-modsecurity-delete-ruleset.png?​600 |}} 
 + 
 +==== Through comodo cpanel plugin if installed via it ==== 
 +  ​- Run the uninstall script <​code>​cd /​var/​cpanel/​cwaf
 bash /​var/​cpanel/​cwaf/​scripts/​uninstall_cwaf.sh</​code>​ bash /​var/​cpanel/​cwaf/​scripts/​uninstall_cwaf.sh</​code>​
-  - Enter ansewer[y/n] y \\ +  - Answer ''​y''​ 
-  - Then Comodo WAF should ​be gone after that.+ 
 +Once completed, ​Comodo WAF will be gone.
  
  • Admin
  • Last modified: 2017/09/05 17:36
  • by Eric Leu