Differences
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision | ||
litespeed_wiki:waf:standalone [2018/11/08 19:56] Lisa Clarke Proofreading and Rewording |
litespeed_wiki:waf:standalone [2019/01/24 21:16] (current) Lisa Clarke [Add WAF Rule Set] Proofreading |
||
---|---|---|---|
Line 37: | Line 37: | ||
</code> | </code> | ||
- | This will download Comodo Litespeed rules, and move ''rules.conf.main'' to ''rules.conf''. This is the file we will reference in the WebAdmin console. | + | This will download Comodo Litespeed rules, and move ''rules.conf.main'' to ''rules.conf''. This is the master file including all rules. You can reference in the WebAdmin console for this master file. |
=====Add WAF Rule Set===== | =====Add WAF Rule Set===== | ||
Line 45: | Line 45: | ||
{{ :litespeed_wiki:waf:waf-ruleset.png?600 |}} | {{ :litespeed_wiki:waf:waf-ruleset.png?600 |}} | ||
- | Click **Add** to edit the **WAF Rule Set** | + | Click **Add** to edit the **WAF Rule Set**. |
{{ :litespeed_wiki:waf:waf-settings.png?600 |}} | {{ :litespeed_wiki:waf:waf-settings.png?600 |}} | ||
Line 52: | Line 52: | ||
* **Action**: ''None'' | * **Action**: ''None'' | ||
* **Enabled**: ''Yes'' | * **Enabled**: ''Yes'' | ||
- | * **Rules Defination**: ''Include $SERVER_ROOT/conf/comodo_litespeed/rules.conf'' | + | * **Rules Definition**: ''Include $SERVER_ROOT/conf/comodo_litespeed/rules.conf'' |
Click **Save** to activate the rules. | Click **Save** to activate the rules. | ||
+ | |||
+ | You can include as many rule files as you like in the **Rules Definition** area. | ||
+ | |||
+ | The Comodo ''Rules.conf.main'' file is a Comodo master file to include all rules in order. It the same as manually entering the following: | ||
+ | |||
+ | Include 00_Init_Initialization.conf | ||
+ | Include 01_Init_AppsInitialization.conf | ||
+ | Include 02_Global_Generic.conf | ||
+ | Include 03_Global_Agents.conf | ||
+ | Include 04_Global_Domains.conf | ||
+ | Include 05_Global_Incoming.conf | ||
+ | Include 06_Global_Backdoor.conf | ||
+ | Include 07_XSS_XSS.conf | ||
+ | Include 08_Global_Other.conf | ||
+ | Include 09_Bruteforce_Bruteforce.conf | ||
+ | Include 10_HTTP_HTTP.conf | ||
+ | Include 11_HTTP_HTTPDoS.conf | ||
+ | Include 12_HTTP_Protocol.conf | ||
+ | Include 13_HTTP_Request.conf | ||
+ | Include 14_Outgoing_FilterGen.conf | ||
+ | Include 15_Outgoing_FilterASP.conf | ||
+ | Include 16_Outgoing_FilterPHP.conf | ||
+ | Include 17_Outgoing_FilterSQL.conf | ||
+ | Include 18_Outgoing_FilterOther.conf | ||
+ | Include 19_Outgoing_FilterInFrame.conf | ||
+ | Include 20_Outgoing_FiltersEnd.conf | ||
+ | Include 21_PHP_PHPGen.conf | ||
+ | Include 22_SQL_SQLi.conf | ||
+ | Include 23_ROR_RORGen.conf | ||
+ | Include 24_Apps_Joomla.conf | ||
+ | Include 25_Apps_JComponent.conf | ||
+ | Include 26_Apps_WordPress.conf | ||
+ | Include 27_Apps_WPPlugin.conf | ||
+ | Include 28_Apps_WHMCS.conf | ||
+ | Include 29_Apps_Drupal.conf | ||
+ | Include 30_Apps_OtherApps.conf | ||
+ | |||
+ | If using some commercial rules set (like the Atomic rule set) or your own rules set, which does not have such a master file, you have two options: | ||
+ | * Include rules with absolute path one by one in the **Rules Definition** field. | ||
+ | * Make a master file to include all rules with full path, then include only that master file in the **Rules Definition** field. | ||
+ | |||
+ | If including multi-rul files for mod_security, the files must be included in the right order to make them work properly. | ||
=====Enable Firewall===== | =====Enable Firewall===== |