Pages: [1]   Go Down

Author Topic: Comodo rules for Nginx  (Read 4429 times)

Offline vadim

  • Moderator
  • Comodo's Hero
  • *****
  • Posts: 339
Comodo rules for Nginx
« on: April 20, 2015, 05:52:08 AM »
Initialization version of Comodo protection rules for Nginx (from the version 1.6.3) has been released.

You may login to Comodo WAF interface: https://waf.comodo.com

Choose source "Nginx" and download latest rules (Latest release: 1.01).

Now, during installation of CWAF on your server you may choose Nginx Web Platform. It will be detected automatically and Comodo rules will be included to your ModSecurity protection configuration.

CWAF client version 2.7 with support Nginx platform has also been released.
« Last Edit: April 20, 2015, 06:27:17 AM by vadim »
Logged
--
Vadim Lvovskiy
Development Manager
COMODO Group Inc.

Offline H0sseiN

  • Newbie
  • *
  • Posts: 8
Re: Comodo rules for Nginx
« Reply #1 on: November 14, 2016, 07:54:31 AM »
I installed the comodo waf via directadmin custombuild for reverse proxy apache_nginx webserver. Now the problem is gzip and expires headers doesn't work! They are beginning to work after I disable modsecurity. Any idea ?
Logged

Offline akabakov

  • Comodo's Hero
  • *****
  • Posts: 375
Re: Comodo rules for Nginx
« Reply #2 on: November 14, 2016, 03:57:17 PM »
ModSecurity doesn't "understand" any kind of compression.
For example: https://github.com/SpiderLabs/ModSecurity/issues/821
About expires headers we don't have information yet.
Logged

Offline vadim

  • Moderator
  • Comodo's Hero
  • *****
  • Posts: 339
Initial free version of Comodo protection rules for Nginx + ModSecurity 3.0
« Reply #3 on: March 14, 2018, 10:36:23 AM »
We are glad to announce the initial free version of Comodo protection rules for Nginx + ModSecurity 3.0.

To download the Rule Set please perform the following actions:

  • Log-in to your CWAF web UI at https://waf.comodo.com
  • Ensure that the 'Rule set version' tab is opened.
  • Select the correspondent source - "Nginx/ModSec_3.0".
  • Click 'Download full rules set' to download the full set of the selected version. The download dialog will be displayed.
  • Click 'Save' to save the compressed rule set package file in gzip file format (.tgz) format in a local drive.

You may configure your Nginx server with ModSecurity 3.0 and Comodo WAF using the next steps:

  • Extract the rule set package files and transfer them to a local server folder,  e.g.  to /usr/local/cwaf/rules/
  • Modify the modsecurity configuration file to include the CWAF Rules. Add the similar row with correct path for the Rule Set main configuration file to modescurity configuation file, e.g.

    Include /usr/local/cwaf/rules/rules.conf.main

  • Perform the configuration test:

    nginx -t

    Correct result:

    nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
    nginx: configuration file /etc/nginx/nginx.conf test is successful

  • Reload the nginx service to activate the rules:

    nginx -s reload

Please send us your feedback to improve CWAF rules for this new platform.

CWAF Plugin with support Mod Security 3.0 will be released soon.
« Last Edit: March 14, 2018, 10:38:58 AM by vadim »
Logged
--
Vadim Lvovskiy
Development Manager
COMODO Group Inc.

Offline keeper of the grove

  • Newbie
  • *
  • Posts: 1
Re: Initial free version of Comodo protection rules for Nginx + ModSecurity 3.0
« Reply #4 on: September 13, 2018, 04:33:35 PM »
Quote from: vadim on March 14, 2018, 10:36:23 AM
We are glad to announce the initial free version of Comodo protection rules for Nginx + ModSecurity 3.0.

To download the Rule Set please perform the following actions:

  • Log-in to your CWAF web UI at https://waf.comodo.com
  • Ensure that the 'Rule set version' tab is opened.
  • Select the correspondent source - "Nginx/ModSec_3.0".
  • Click 'Download full rules set' to download the full set of the selected version. The download dialog will be displayed.
  • Click 'Save' to save the compressed rule set package file in gzip file format (.tgz) format in a local drive.


For the above I'd like to elaborate a little more on number three -
You NEED to select the proper rule set for your web server platform - the rules are not the same for every platform.  It is not readily apparent but there is a drop down box where you should select  "Nginx/ModSec_3.0"
Logged

Offline heliostorm

  • Newbie
  • *
  • Posts: 3
Re: Comodo rules for Nginx
« Reply #5 on: March 10, 2019, 04:28:38 PM »
Hi guys,

I use webmin on Centos 7 with nginx+modsecurity 3. I just installed the plugin, but I see the plugin as autmatically downloaded the rules for modsec 2.x and not modsec 3.x.

Does the current plugin support nginx/modsec 3.x yet? If not, do you know when support will be added?

The most important thing for me is to be able to automatically update the rules every week. Is there a way of using wget to download the latest version of the nginx/modsec3 rules directly so that I can create a custom cron job?

Thanks!
Logged

Offline maryprincyedward

  • Newbie
  • *
  • Posts: 21
Re: Comodo rules for Nginx
« Reply #6 on: March 19, 2019, 07:20:13 AM »
Quote from: heliostorm on March 10, 2019, 04:28:38 PM
Hi guys,

I use webmin on Centos 7 with nginx+modsecurity 3. I just installed the plugin, but I see the plugin as autmatically downloaded the rules for modsec 2.x and not modsec 3.x.

Does the current plugin support nginx/modsec 3.x yet? If not, do you know when support will be added?

The most important thing for me is to be able to automatically update the rules every week. Is there a way of using wget to download the latest version of the nginx/modsec3 rules directly so that I can create a custom cron job?

Thanks!

Hello,

As of now CWAF plugin supports rules for DirectAdmin + nginx + modsecurity 3. We have requested developers to add Webmin+modsec3 support to CWAF plugin.
Logged
Pages: [1]   Go Up
 

Free Endpoint Protection
Seo4Smf 2.0 © SmfMod.Com Smf Destek