Author Topic: Comodo rules for LiteSpeed  (Read 9785 times)

Offline ezynic

  • Newbie
  • *
  • Posts: 16
Re: Comodo rules for LiteSpeed
« Reply #30 on: November 10, 2016, 06:34:02 PM »
So how is Litespeed support these days? Is brute force working? How about excluding domains? I've just had it with Atomicorp's attitude and switched a server to Comodo. Working fine so far...

Offline Melih

  • CEO - Comodo
  • Administrator
  • Comodo's Hero
  • *****
  • Posts: 14588
    • Video Blog
Re: Comodo rules for LiteSpeed
« Reply #31 on: November 11, 2016, 08:30:08 AM »
So how is Litespeed support these days? Is brute force working? How about excluding domains? I've just had it with Atomicorp's attitude and switched a server to Comodo. Working fine so far...

welcome to Comodo ezynic!

We support Litespeed. If you have any specific requirement please feel free to tell us so that we can get it done for you asap.

we are here to serve you.

Offline Hedloff

  • Comodo Loves me
  • ****
  • Posts: 149
Re: Comodo rules for LiteSpeed
« Reply #32 on: November 11, 2016, 08:33:38 AM »
Think brute force is still working.
But there is alot of issues with EA4 and CWAF atm.

I got a reponse from their staff that it will not be supported from Comodo to exclude/disable domains.
So currently we're checking other vendors for mod_security rules on LiteSpeed servers.

Offline vadim

  • Moderator
  • Comodo's Hero
  • *****
  • Posts: 334
Re: Comodo rules for LiteSpeed
« Reply #33 on: November 11, 2016, 09:52:31 AM »
Hello Hedloff

Think brute force is still working.
But there is alot of issues with EA4 and CWAF atm.

I got a reponse from their staff that it will not be supported from Comodo to exclude/disable domains.
So currently we're checking other vendors for mod_security rules on LiteSpeed servers.

We didn't detect any issues with exclude/disable domains for cPanel + LiteSpeed + CWAF configuration. Possibly it's related to the last LiteSpeed updates.

We'll review this issue and release the new CWAF agent version. We will be grateful to you if you can provide us your current configuration (cPanel, LiteSpeed asd CWAF plugin versions).

Please also create support ticket here: https://support.comodo.com/index.php?/Tickets/Submit (WAF Support)

And we'll provide you direct support to resolve this issue on your web-servers.





--
Vadim Lvovskiy
Development Manager
COMODO Group Inc.

Offline ezynic

  • Newbie
  • *
  • Posts: 16
Re: Comodo rules for LiteSpeed
« Reply #34 on: November 12, 2016, 11:52:27 AM »
I got a reponse from their staff that it will not be supported from Comodo to exclude/disable domains.

Have you tried Configserver's Modsec Control? That's what I was using to exclude Atomicorp rules. It would be a disappointment if that stopped working.

Offline akabakov

  • Comodo's Hero
  • *****
  • Posts: 364
Re: Comodo rules for LiteSpeed
« Reply #35 on: November 15, 2016, 10:47:42 AM »
How to exclude ModSecurity for domain under cPanel and LiteSpeed?
As an example lets use domain joomla-ls.labtest.
Exlude usually is located at /var/cpanel/cwaf/etc/httpd/domains/000_exclude_joomla-ls.labtest\:80.conf It contains:
Code: [Select]
SecRule SERVER_NAME "(?:.*\.)?mail\.joomla-ls\.labtest(?::80)?|(?:.*\.)?www\.joomla-ls\.labtest(?::80)?|(?:.*\.)?joomla-ls\.labtest(?::80)?" "phase:1,nolog,noauditlog,allow,ctl:ruleEngine=Off,id:10001"
Such file is usually created after domain exclude in CWAF-plugin. For Apache it works, LiteSpeed 'reads' this file, but not uses it. To work with LiteSpeed code above should be located in /etc/apache2/conf.d/includes/post_virtualhost_global.conf (EA4) or in /usr/local/apache/conf/includes/post_virtualhost_global.conf (EA3) for any domain(s) user needs to exclude.
Also /var/cpanel/cwaf/etc/httpd/domains/000_exclude_joomla-ls.labtest\:80.conf and other file(s) should be removed to avoid existing rules with the same id. If this files exists LiteSpeed will work, but CWAF-plugin won't. Also if LiteSpeed is changed by Apache, it also won't work.
« Last Edit: November 15, 2016, 11:08:02 AM by akabakov »

Offline Hedloff

  • Comodo Loves me
  • ****
  • Posts: 149
Re: Comodo rules for LiteSpeed
« Reply #36 on: November 17, 2016, 03:19:10 AM »
akabakov: It would be great if you could get this in your agent so we don't have to this manually to get it working.
Everything we have to do manually is not worth it. Then it's better to have no WAF rules at all.

Offline akabakov

  • Comodo's Hero
  • *****
  • Posts: 364
Re: Comodo rules for LiteSpeed
« Reply #37 on: November 17, 2016, 03:49:09 AM »
It would be great if you could get this in your agent so we don't have to this manually to get it working.
Everything we have to do manually is not worth it. Then it's better to have no WAF rules at all.

We'll try to include this in agent. Work is in progress.

Offline Hedloff

  • Comodo Loves me
  • ****
  • Posts: 149
Re: Comodo rules for LiteSpeed
« Reply #38 on: November 17, 2016, 04:14:11 AM »
Great NEWS!
Any idea/eta when new agent will be launched for this and/or fix EA4 issues?

Offline vadim

  • Moderator
  • Comodo's Hero
  • *****
  • Posts: 334
Re: Comodo rules for LiteSpeed
« Reply #39 on: November 17, 2016, 09:50:59 AM »
Great NEWS!
Any idea/eta when new agent will be launched for this and/or fix EA4 issues?

Related fix will be included into the next version of CWAF plugin. We plan to release it this month.
--
Vadim Lvovskiy
Development Manager
COMODO Group Inc.

Offline H0sseiN

  • Newbie
  • *
  • Posts: 8
Re: Comodo rules for LiteSpeed
« Reply #40 on: April 07, 2017, 01:47:18 PM »
Hello,

we have error 403 error when we are editing posts in wordpress with last update.

Offline TDmitry

  • Head CWAF Rule Writing Team
  • Comodo's Hero
  • *****
  • Posts: 357
Re: Comodo rules for LiteSpeed
« Reply #41 on: April 07, 2017, 02:13:43 PM »
Hello,

we have error 403 error when we are editing posts in wordpress with last update.
Is this can be related with cPanel update?

Offline H0sseiN

  • Newbie
  • *
  • Posts: 8
Re: Comodo rules for LiteSpeed
« Reply #42 on: April 07, 2017, 04:11:11 PM »
Is this can be related with cPanel update?

Maybe, because cpanel version is also the latest version 62.0 (build 20) but the problem will solved when I disable COMODO ModSecurity LiteSpeed Rule Set

Offline ezynic

  • Newbie
  • *
  • Posts: 16
Re: Comodo rules for LiteSpeed
« Reply #43 on: April 08, 2017, 03:57:49 PM »
I had to disable rule 217270 because it was causing hundreds of false positives.

Offline Hedloff

  • Comodo Loves me
  • ****
  • Posts: 149
Re: Comodo rules for LiteSpeed
« Reply #44 on: April 09, 2017, 04:04:43 PM »
I had to disable rule 217270 because it was causing hundreds of false positives.

Yes, I also had to disable it.
But after last rule update alot of categories where enabled and this rule was in one of those categories that we had disabled before. So I disabled it again and everything is working fine again.

 

Seo4Smf 2.0 © SmfMod.Com Smf Destek