Results 1 to 27 of 27
  1. #1

    Free mod_security rules from Comodo - New features

    Now you can have categorized rules and apply them selectively...

    and you can have different ruleset/policies per VM.

    Comodo's free modsecurity ruleset is fast becoming more powerful than any paid ones out there!

    This version will be out within next 2 weeks and we look forward to your feedback.

    Melih
    Attached Thumbnails Attached Thumbnails 1.png   2.png   3.png   0.png  

  2. #2
    Join Date
    Oct 2006
    Posts
    210
    Great news, it really is a quality service. Really appreciate it (y)..

  3. #3
    Agreed. So, now it's time to do some tests.

  4. #4
    Quote Originally Posted by Vex76 View Post
    Agreed. So, now it's time to do some tests.
    great. pls let us know your feedback any wishes you may for improvement.

  5. #5
    Join Date
    Jan 2006
    Location
    India
    Posts
    563
    I did register with comodo.

    Where I can download it for testing one of my cpanel server?
    ►ExpertWebHost.NET- Instant reliable CPanel hosting since 2008+
    ►Quality Shared, Reseller and VPS hosting
    ►Choose to host from US/Uk/Canada/Netherlands/Australia - 10 locations

  6. #6
    Quote Originally Posted by ExpertWebHostNET View Post
    I did register with comodo.

    Where I can download it for testing one of my cpanel server?
    https://waf.comodo.com
    HalfDedi.com Half Dedicated Half Price
    We provide affordable VPS hosting solution Singapore datacenter

  7. #7

    Update 20 Feb 2014 - Free modsec rules

    Client Agent 1.2 has been released:

    Rules Catalog - flexible exclude list management:
    List of all Comodo rules divided by groups.
    Exclude rules and groups of rules.
    Management of global excludes lists and excludes for virtual hosts.
    Improvements and bug fixes.

    Now you may update your client from cPanel plugin: "Main" -> "New client is available" -> "Update Plugin"

    Or download and install new script, available by link: https://waf.comodo.com/cpanel/cwaf_client_install.sh

    All your current exclude rules will be stored during update procedure. You may find backup of your exclude list by the path:

    for cPanel:

    /var/cpanel/cwaf/etc/httpd/global/zzz_exclude_global.conf.backup

    for stand-alone mode:

    /CWAF_INSTALL_DIR/etc/httpd/global/zzz_exclude_global.conf.backup

  8. #8

    Comparing Comodo free modsec rules vs paid competitors

    check out the comparison test between Free Comodo modsec rules vs paid competitors ones.
    Attached Thumbnails Attached Thumbnails modsec rules performance.PNG  
    Last edited by Melih; 02-22-2014 at 10:24 AM.

  9. #9
    Join Date
    Apr 2011
    Posts
    40
    Quote Originally Posted by Melih View Post
    check out the comparison test between Free Comodo modsec rules vs paid competitors ones.
    Very interesting! We will have to test your rules on our own against the Atomicorp ones we are currently using. We are actually using the ASL product but are thinking about switching to Configserver firewall + good mod security rules. The ASL has given us good protection, but also many problems.

    Do you have any false positive report system in place like Atomic has? Of course, we would hope your rules does not cause as many false positives as the Atomic rules does.

    Does the rules work with ConfigServer ModSecurity Control?

  10. #10
    Quote Originally Posted by Doublepush View Post
    Very interesting! We will have to test your rules on our own against the Atomicorp ones we are currently using. We are actually using the ASL product but are thinking about switching to Configserver firewall + good mod security rules. The ASL has given us good protection, but also many problems.

    Do you have any false positive report system in place like Atomic has? Of course, we would hope your rules does not cause as many false positives as the Atomic rules does.

    Does the rules work with ConfigServer ModSecurity Control?
    Hello Doublepush.

    Yes, there is False Positive reporting as part of cPanel plugin.

    Rules itself should work fine with ConfigServer.

    Some issues is possible in case you will do configuration changes (like rules exclusion) concurrently in ConfigServer and our plugin.

    Overall it's recommended to use our plugin for such tasks.

    Please try it here, signup is free:
    https://waf.comodo.com

    Thank you.

    Igor.

    COMODO

  11. #11
    Join Date
    May 2003
    Location
    Moon
    Posts
    1,165
    Internal Server Error
    500
    No response from subprocess (/usr/local/cpanel/whostmgr/docroot/cgi/addon_cwaf.cgi): subprocess exited with status 2 (ENOENT)

    it seems like cpanel plugin not update right ? how can I fix this ?
    ComCities.Com| provide hosting solutions Since 2002
    FLV Enable Icecast Hosting | Shoutcast Hosting | Mobile Streaming | Live TV Streaming | Live Radio Streaming
    CPanel Hosting Solutions | Dedicated Servers | Wowza Media Dedicated Servers | CDN Solutions

  12. #12
    Join Date
    May 2003
    Location
    Moon
    Posts
    1,165
    anyone know how to fix his "Internal Server Error" or uninstalling WAF
    ComCities.Com| provide hosting solutions Since 2002
    FLV Enable Icecast Hosting | Shoutcast Hosting | Mobile Streaming | Live TV Streaming | Live Radio Streaming
    CPanel Hosting Solutions | Dedicated Servers | Wowza Media Dedicated Servers | CDN Solutions

  13. #13
    Join Date
    May 2013
    Location
    USA
    Posts
    928
    Interesting find -- probably now the best source of free mod_security rules after Atomic Corp pulled their free rulesets.
    ▄▀▄ Brian Harrison, Lead Engineer - Reprise Hosting (AS62838)
    ▄▀▄ Deals on cheap dedicated server hosting. IPMI included! Unmetered bandwidth.
    ▄▀▄ Website migration, 24/7/365 support, basic server setup, 15 day money back.
    ▄▀▄ Looking for DEALS on self-managed cheap VPS hosting? Visit VPSHostingDEAL.com

  14. #14
    Join Date
    Jan 2012
    Location
    italy
    Posts
    64
    hello, 0,41 has a diferent instalation metod frome 0.10? because i dont see any "Include /opt/comodo/waf/etc/cwaf.conf"
    for normal server not cPanel

  15. #15
    Join Date
    Apr 2002
    Posts
    930
    Quote Originally Posted by selejan View Post
    hello, 0,41 has a diferent instalation metod frome 0.10? because i dont see any "Include /opt/comodo/waf/etc/cwaf.conf"
    for normal server not cPanel
    Ditto on this. Or maybe I'm missing something. The cPanel plugin doesn't seem to install either.

  16. #16
    Join Date
    Jan 2014
    Location
    Fort Lauderdale
    Posts
    360
    Quote Originally Posted by forumtalk View Post
    Internal Server Error
    500
    No response from subprocess (/usr/local/cpanel/whostmgr/docroot/cgi/addon_cwaf.cgi): subprocess exited with status 2 (ENOENT)

    it seems like cpanel plugin not update right ? how can I fix this ?
    I had this problem, check your cpanel error log for the entries close to when you tried to launch the plugin. From there, you will see what the script was not able to locate on your server and install it. I remember that I was missing a perl module that I had to install via CPAN.
    Michael Vinocur
    Enterprise IT Solutions
    Helix Technologies LLC
    http://www.hlxtechnologies.com

  17. #17
    is this installer script cPanel/WHM specific?

  18. #18
    Join Date
    Jan 2014
    Location
    Fort Lauderdale
    Posts
    360
    I think the base is not, but they also have a plugin to connect with Cpanel. Without the plugin, I think you have to edit the Modsec rules by hand if any conflicts arise.
    Michael Vinocur
    Enterprise IT Solutions
    Helix Technologies LLC
    http://www.hlxtechnologies.com

  19. #19

    Amazing product for free

    Thank you very much for providing a free product that beats expensive subscriptions

  20. #20

    New modsecurity site launched..do you like it?


  21. #21
    Receiving this as well.

    Code:
    Can't locate Comodo/CWAF/Cpanel.pm in @INC (@INC contains: /usr/local/cpanel /usr/local/cpanel/whostmgr/docroot/cgi /usr/local/cpanel/3rdparty/perl/514/lib64/perl5/cpanel_lib/x86_64-linux-64int /usr/local/cpanel/3rdparty/perl/514/lib64/perl5/cpanel_lib /usr/local/cpanel/3rdparty/perl/514/lib64/perl5/5.14.3/x86_64-linux-64int /usr/local/cpanel/3rdparty/perl/514/lib64/perl5/5.14.3 /opt/cpanel/perl5/514/site_lib/x86_64-linux-64int /opt/cpanel/perl5/514/site_lib .) at /usr/local/cpanel/whostmgr/docroot/cgi/addon_cwaf.cgi line 13.
    BEGIN failed--compilation aborted at /usr/local/cpanel/whostmgr/docroot/cgi/addon_cwaf.cgi line 13.
    Duplicate logaccess:  at cpsrvd-ssl line 6400
            main::body_internal_error(500, 'No response from subprocess (/usr/local/cpanel/whostmgr/docroot/...') called at cpsrvd-ssl line 6459
            main::internal_error('No response from subprocess (/usr/local/cpanel/whostmgr/docroot/...') called at cpsrvd-ssl line 9479
            main::handle_subprocess_failure(3, undef, 2, 'No response from subprocess (/usr/local/cpanel/whostmgr/docroot/...') called at cpsrvd-ssl line 7712
            main::subprocess_handler('/usr/local/cpanel/whostmgr/docroot/cgi/addon_cwaf.cgi', 'IO::Handle=GLOB(0x34a47d0)', 'GLOB(0x34a1240)', 0) called at cpsrvd-ssl line 7572
            main::cgiHandler('docroot', '/usr/local/cpanel/whostmgr/docroot') called at cpsrvd-ssl line 6965
            main::dodoc_whostmgrd() called at cpsrvd-ssl line 1824
            main::dodoc('HASH(0xf6e150)') called at cpsrvd-ssl line 1355
            main::handle_one_connection() called at cpsrvd-ssl line 996
    Internal Server Error: "GET /cpsess474383614/cgi/addon_cwaf.cgi HTTP/1.1" 500 No response from subprocess (/usr/local/cpanel/whostmgr/docroot/cgi/addon_cwaf.cgi): subprocess exited with status 2 (ENOENT)
    Quote Originally Posted by forumtalk View Post
    Internal Server Error
    500
    No response from subprocess (/usr/local/cpanel/whostmgr/docroot/cgi/addon_cwaf.cgi): subprocess exited with status 2 (ENOENT)

    it seems like cpanel plugin not update right ? how can I fix this ?
    ULTRA Web Hosting - Superior Owned and Operated Servers - Since 2002
    CloudLinux - Shared | WordPress Optimized | Reseller | VPS | Managed Dedicated Servers | Seattle Co-location Services | Live Support | Real Green Hosting Provider | Onsite Technicians | Design | SBs | Consultation | Price Guarantee | 24/7/365 Support | Weebly | CloudFlare

  22. #22
    *My fix

    /bin/cp -avf /var/cpanel/cwaf/modules/CPAN/lib/* /opt/cpanel/perl5/514/site_lib/
    ULTRA Web Hosting - Superior Owned and Operated Servers - Since 2002
    CloudLinux - Shared | WordPress Optimized | Reseller | VPS | Managed Dedicated Servers | Seattle Co-location Services | Live Support | Real Green Hosting Provider | Onsite Technicians | Design | SBs | Consultation | Price Guarantee | 24/7/365 Support | Weebly | CloudFlare

  23. #23
    Join Date
    Mar 2012
    Posts
    34
    Using LiteSpeed + ConfigServer Firewall

    LF_MODSEC = Default: 5
    LF_MODSEC_PERM = 1

    It's not blocking the IP addresses in CSF (I can see some IP's clearly triggering the rulesets more then 5 times in less then a minute).

  24. #24
    Quote Originally Posted by UWH-David View Post
    *My fix

    /bin/cp -avf /var/cpanel/cwaf/modules/CPAN/lib/* /opt/cpanel/perl5/514/site_lib/
    Just what I was looking for, Thanks!
    Crown Hosting Services UK Hosting Services

  25. #25
    Join Date
    Aug 2005
    Posts
    421
    Quote Originally Posted by DaEmployer View Post
    Using LiteSpeed + ConfigServer Firewall

    LF_MODSEC = Default: 5
    LF_MODSEC_PERM = 1

    It's not blocking the IP addresses in CSF (I can see some IP's clearly triggering the rulesets more then 5 times in less then a minute).
    I've got the same issue, audit log fills up but no single lines in error_log as is required by csf. I haven't tried comodo rules yet though but I presume it's the same issue.

  26. #26
    Join Date
    Apr 2013
    Location
    Outskirts of Milky Way
    Posts
    381
    The Comodo rules were fixed for LiteSpeed since @DaEmployer posted the bug report.

    http://forums.comodo.com/free-modsec...t105850.0.html
    Your IT Concierge
    Server Management, Business-class Web Hosting
    Speedy, Secure, Stable Hosting for Developers

  27. #27
    anyone know how to fix his "Internal Server Error" or uninstalling WAF????

Similar Threads

  1. Replies: 39
    Last Post: 08-30-2014, 03:16 AM
  2. Comodo mod_security cPanel plugin?
    By kpmedia in forum Hosting Security and Technology
    Replies: 7
    Last Post: 01-20-2014, 12:55 AM
  3. Replies: 1
    Last Post: 09-27-2010, 12:09 PM
  4. Redistribuable and DFSG-free mod_security rules
    By gplhost in forum Hosting Security and Technology
    Replies: 0
    Last Post: 03-23-2009, 07:25 AM
  5. This mod_security rules
    By nibb in forum Hosting Security and Technology
    Replies: 1
    Last Post: 10-10-2008, 06:25 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •