cPanel & WHM Version 98 has been released, and brings a slew of great updates. Take a look at what is included, and then upgrade today!

Comodo WAF as a ModSecurity Vendor

pointaction shared this idea 6 years ago
Open Discussion

It would be nice to have The Comodo Web Application Firewall as a ModSecurity Vendor for those who want use Comodo.


I have 10 servers that is currently running Comodo WAF and it would be nice to get them in the ModSecurity Vendor list.


Here is some links below for more information


https://modsecurity.comodo.com/


https://waf.comodo.com/


https://help.comodo.com/topic-212-1-514-5938-.html


https://forums.comodo.com/free-modsecurity-rules-comodo-web-application-firewall-b223.0/-t109602.0.html


I like using them and think it would a nice addition to the Vendor list.

Replies (17)

photo
1

Hi! You can already add custom ModSecurity vendors.


Full documentation for it can be found at: http://documentation.cpanel.net/display/ALD/ModSecurity+Vendors


I hope this helps.

-Travis

photo
1

Tristan J. Wallace said this in the support ticket that I have below.

  1. Comodo is not being investigated yet as a possible vendor (OWASP ruleset

    is the provided vendor at this time). In case 171041, the discussion

    was made that this would be best set as a feature request instead at http://features.cpanel.net location.

So I added a feature request as said to do.


You can read from Comodo forums which is listed above what is being said too.


photo
1

vlee wrote:

Tristan J. Wallace said this in the support ticket that I have below.


  1. Comodo is not being investigated yet as a possible vendor (OWASP ruleset

    is the provided vendor at this time). In case 171041, the discussion

    was made that this would be best set as a feature request instead at http://features.cpanel.net location.

So I added a feature request as said to do.


You can read from Comodo forums which is listed above what is being said too.


Are you just wanting to use the vendor on your systems, or are you wanting us to include it for every cPanel & WHM server in the world?

photo
1

It would be nice to have it for everyone who want use Comodo.


Right now I have 10 servers using Comodo as 3rd party app and would be nice to not do it that way.

photo
3

OWASP is known to have lots of false positives, Comod's ruleset seems to basicly be an improved version of OWASP with much fewer false positives and even a specific version for Litespeed.


We've been using comodo's ruleset for quite some time now.


Comodo say they have created yaml files but are waiting for cPanel's aproval to confirm if they are correct.


Has cPanel checked them out yet ?


We would have prefered to have comodo's ruleset by default instead of the less polished OWASP ones...

photo
2

Of course it would be better to change it from OWASP to Comodo, but don't think you will do that now.

But they should at least add them as a vendor!

We got over 50 servers running Comodo. We changed from Configserver and have only experienced some small issues. It's much better than CMC.

photo
1

YAY... Good News


I am testing it out on one of my servers now.


Comodo can now be easily installed as ModSecurity Vendor to cPanel for Apache and LiteSpeed platforms.


https://forums.comodo.com/free-modsecurity-rules-comodo-web-application-firewall/comodo-as-a-modsecurity-vendor-in-cpanel-t110147.0.html

  1. Input one of URLs depending on your web-server:

photo
2

Comodo as a ModSecurity Vendor in cPanel

If your server is running cPanel 11.48 and higher you may install Comodo as ModSecurity Vendor.


See also cPanel ModSecurity Vendors Requirements


Warnings:

  • cPanel ModSecurity Vendors are not compatible with CWAF plugin. So, you can't use both in parallel for management your protection rules.
  • Don't activate both Comodo Rule Sets for Apache and LiteSpeed simultaneously to avoid conflicts.

Release Notes:

  • In the current version you can't report problems with Comodo rules through cPanel ModSecurity Tools.
  • We don't recommend to enable two ModSecurity Vendors simultaneously to avoid possibly logical conflicts and performance issues.

Please send us your feedback:

https://forums.comodo.com/free-modsecurity-rules-comodo-web-application-firewall/comodo-as-a-modsecurity-vendor-in-cpanel-t110147.0.html

photo
2

Still one issue with Comodo as a Mod Security Vendor


After adding Comodo to the Vendor list I get this error when I click on rule that shows up here Home »Security Center »Hits List below


Error: API failure: The vendor “comodo” is not set up.


Then here is what Comodo said


Yes, we know about this limitation. However despite on this issue rules loaded and working correctly.


cPanel

doesn't fully support our vendor names: "comodo-apache" and

"comodo-litespeed", so probably we'll need to change them.


In the near

weeks we plan to update our cPanel support to enable feedback reporting

and fixing of this issue.


Be nice to have cPanel fully support vendor names and so on.


I may switch back to plugin mode until this is fixed.

photo
1

@vlee - Personally I would stay with the Comodo plugin because it gives you more rule control at the account level. cPanel has a nice interface now but, it doesn't allow for account/domain level rule exclusion right now.

photo
1

If I change vendors, I need to throw out all the current whitelist exceptions -correct???

photo
1

This company named Columbus Software provides Comodo WAF as a ModSecurity Vendor here:https://columbussoft.com/columbussoft-extra-modsecurity-vendor-comodo-modsecurity-rules/


I was able to install it for free without any problems.

photo
1

I was able to install Comodo WAF as a ModSecurity Vendor from the link you provided, will this be automatically updating?

https://columbussoft.com/columbussoft-extra-modsecurity-vendor-comodo-modsecurity-rules/

photo
1

Good find but, the downside of cPanels panel is that you can't manipulate the rules per domain, etc. like you can with Comodo's. Then the question becomes, if Comodo's is compatible without this feature, why not stick with theirs instead of using cPanel's tool?

photo
1

I don't see what they are really adding - i think Cpanel should work more closely with comodo and make them the default rules or help the community manage OWASP exceptions.

photo
1

1. Comodo has search features that cPanel doesn't (filter by rule or domain)


2. Updates are automatic (not sure if this mod will)

3. Rules edits are manual instead of a nice UI


There are a couple others. IMHO, Comodo does a better job with the UI and DEFINITELY with rules.

Leave a Comment
 
Attach a file