How to Set Up Comodo on LiteSpeed Web Server with cPanel
Comodo is a ModSecurity rule set created by the Comodo Team. It provides real-time protection for web apps running on the LiteSpeed Web Server. Its functions include:
- Protecting sensitive customer data
- Meeting PCI compliance requirements
- Blocking unauthorized access
- Preventing SQL injection and Cross Site Scripting (XSS) attacks
Deploy Comodo ModSecurity Rule Set in cPanel
There are two ways to install the Comodo ModSecurity rule set in cPanel: through the cPanel ModSecurity vendor manager or through the Comodo cPanel plugin.
Method 1: Install the Comodo rule set through the cPanel ModSecurity vendor manager
Log into WHM → Security Center → ModSecurity Vendor → Add vendor:
The Vendor Configuration URL for the Comodo ModSecurity LiteSpeed rule set is:
https://waf.comodo.com/doc/meta_comodo_litespeed.yaml
Click “load”, and the vendor details will be fetched and filled into the fields automatically. Then click “save”. You can also check the instructions from Comodo directly.
Method 2: Install the Comodo rule set through the Comodo plugin
- Sign up for a Comodo user account here
- Install the CWAF script
wget https://waf.comodo.com/cpanel/cwaf_client_install.sh
sh cwaf_client_install.sh
Configuring Comodo
- Log in to the WHM control panel and search for comodo from the search bar. You will see the main Comodo WAF plugin dashboard
- Click on the Configuration tab and update your CWAF credentials
- Click on the Main tab and update rule versions
Once completed, you will notice that the current rules version shows the correct latest version.
Verify Comodo
Method 1
Method 2: Command injection attack
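- Create a delete.php file with the following code
<?php
// Deliberately vulnerable test page: the filename parameter is passed
// to the shell unfiltered. Remove this file once the WAF test is done.
print("Please specify the name of the file to delete");
print("<p>");
$file = $_GET['filename'];
system("rm $file");
?>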
- Create a dummy file
touch bob.txt
- Open
http://$server_domain/delete.php?filename=bob.txt;id
If the WAF is working, you will get a 403 Forbidden page.
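A scripted version of the check above, added here as an example rather than taken from Comodo or LiteSpeed documentation: it requests delete.php once with a plain filename and once with the injection URL, so a 403 caused by a missing script or a permissions problem is not mistaken for a WAF block. The function names are hypothetical; it assumes curl is installed and the site answers over plain HTTP as in the URL above.

```shell
#!/bin/sh
# Added example (not from the original page). Assumes delete.php and bob.txt
# from the steps above are in the site's document root.

# Print the HTTP status code for a URL ("000" if the connection fails).
fetch_status() {
    curl -s -o /dev/null --max-time 10 -w '%{http_code}' "$1" || true
}

# Compare a benign request with the injection request from the page.
# Returns 0 = blocked by the WAF, 1 = not blocked, 2 = inconclusive.
waf_verdict() {
    benign=$1
    attack=$2
    case "$benign" in
        200) ;;  # script reachable, so a 403 on the second request is meaningful
        403) echo "inconclusive: benign request is also 403"; return 2 ;;
        404) echo "inconclusive: delete.php not found"; return 2 ;;
        *)   echo "inconclusive: benign request returned $benign"; return 2 ;;
    esac
    case "$attack" in
        403) echo "blocked: WAF rejected the injection request"; return 0 ;;
        200) echo "NOT blocked: injection request reached delete.php"; return 1 ;;
        *)   echo "inconclusive: injection request returned $attack"; return 2 ;;
    esac
}

# $1 is the server domain, used the same way as $server_domain above.
check_waf() {
    base="http://$1/delete.php"
    benign=$(fetch_status "$base?filename=bob.txt")     # removes the dummy file
    attack=$(fetch_status "$base?filename=bob.txt;id")  # URL from the page
    waf_verdict "$benign" "$attack"
}

# Run only when a domain is given, e.g.: sh check_waf.sh www.example.com
if [ "$#" -ge 1 ]; then
    check_waf "$1"
fi
```

An exit status of 1 means the request reached delete.php, so check that the rule set is enabled and up to date before relying on it.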
Uninstall Comodo
- Run the uninstall script
cd /var/cpanel/cwaf
bash /var/cpanel/cwaf/scripts/uninstall_cwaf.sh
- Answer
y
Once completed, Comodo WAF will be gone.