RSS Feed
Knowledgebase : Comodo Web-Application Firewall (CWAF)
Since version 2.12 after CWAF-plugin installation rules (the latest version) are offered to be downloaded. It works as for Web-Host Management systems (WHMS) as for standalone installation. For previous CWAF-plugin versions rules download is not offered. In this case current version is designated as 0 and available version (the latest) is offered. Rules could be downloaded by: 1) Comodo WAF - Main - Rules (version) availbale button for WHMS (cPanel, Plesk, DirectAdmin, WebMin); 2) /path_...
If new version of CWAF-plugin is available in Web-Host Management Systems (WHMS) such as cPanel, Plesk, DirectAdmin and Webmin at Comodo WAF - Main there is a button with new version number (pic.1). Pic. 1 To update CWAF-plugin the script /path_to_cwaf/cwaf/scripts/update-client.pl is used. It also may be used for standalone installation. If current CWAF plugin version is pointed as LATEST (pic. 2)there is no need to update . Pic. 2 CWAF-plugin update is not scheduled, but script coul...
CWAF plug-in and ModSecurity rules work on Unix-like OS. We've tested our software with Debian, Suse, Centos, Ubuntu and FreeBSD 9.2 and higher. Web-servers we support are Apache 2.x, LiteSpeed 4.x, 5.x, Nginx 1.4.2 and higher with ModSecurity 2.7.5 and higher. Our software works with Web-Host Management Systems (WHMS) such as cPanel, Plesk, DirectAdmin, WebMin and also in standalone mode.
Yes. Any ip-address could be added in whitelist. If Web-Host Management Systems (WHMS) is used in CWAF-plugin (section "UserData", "Custom User rules" text-box) the next configuration should be add: SecRule REMOTE_ADDR "^192.168.0.1$" phase:1, log, allow, ctl: ruleEngine=Off,id=999999 where 192.168.0.1 - IP-address, id - rule ID, which should be unique for each IP-address you exlude. It's presented as regular expression (regex). For standalone installation this string could be add to /et...
Sometimes to disable Modsecurity for some domains is needed. There are some methods to realise this function. 1) Using CWAF-plugin - Security Engine - Disable domains button. 2) By script /path_to_cwaf/cwaf/scripts/cwaf-cli.pl with parameters.