Author Topic: Comodo rules for Nginx  (Read 3186 times)

Offline vadim

  • Moderator
  • Comodo's Hero
  • *****
  • Posts: 339
Comodo rules for Nginx
« on: April 20, 2015, 05:52:08 AM »
Initialization version of Comodo protection rules for Nginx (from the version 1.6.3) has been released.

You may login to Comodo WAF interface: https://waf.comodo.com

Choose source "Nginx" and download latest rules (Latest release: 1.01).

Now, during installation of CWAF on your server you may choose Nginx Web Platform. It will be detected automatically and Comodo rules will be included to your ModSecurity protection configuration.

CWAF client version 2.7 with support Nginx platform has also been released.
« Last Edit: April 20, 2015, 06:27:17 AM by vadim »
--
Vadim Lvovskiy
Development Manager
COMODO Group Inc.

Offline H0sseiN

  • Newbie
  • *
  • Posts: 8
Re: Comodo rules for Nginx
« Reply #1 on: November 14, 2016, 07:54:31 AM »
I installed the comodo waf via directadmin custombuild for reverse proxy apache_nginx webserver. Now the problem is gzip and expires headers doesn't work! They are beginning to work after I disable modsecurity. Any idea ?

Offline akabakov

  • Comodo's Hero
  • *****
  • Posts: 375
Re: Comodo rules for Nginx
« Reply #2 on: November 14, 2016, 03:57:17 PM »
ModSecurity doesn't "understand" any kind of compression.
For example: https://github.com/SpiderLabs/ModSecurity/issues/821
About expires headers we don't have information yet.

Offline vadim

  • Moderator
  • Comodo's Hero
  • *****
  • Posts: 339
We are glad to announce the initial free version of Comodo protection rules for Nginx + ModSecurity 3.0.

To download the Rule Set please perform the following actions:

  • Log-in to your CWAF web UI at https://waf.comodo.com
  • Ensure that the 'Rule set version' tab is opened.
  • Select the correspondent source - "Nginx/ModSec_3.0".
  • Click 'Download full rules set' to download the full set of the selected version. The download dialog will be displayed.
  • Click 'Save' to save the compressed rule set package file in gzip file format (.tgz) format in a local drive.

You may configure your Nginx server with ModSecurity 3.0 and Comodo WAF using the next steps:

  • Extract the rule set package files and transfer them to a local server folder,  e.g.  to /usr/local/cwaf/rules/
  • Modify the modsecurity configuration file to include the CWAF Rules. Add the similar row with correct path for the Rule Set main configuration file to modescurity configuation file, e.g.

    Include /usr/local/cwaf/rules/rules.conf.main

  • Perform the configuration test:

    nginx -t

    Correct result:

    nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
    nginx: configuration file /etc/nginx/nginx.conf test is successful


  • Reload the nginx service to activate the rules:

    nginx -s reload

Please send us your feedback to improve CWAF rules for this new platform.

CWAF Plugin with support Mod Security 3.0 will be released soon.
« Last Edit: March 14, 2018, 10:38:58 AM by vadim »
--
Vadim Lvovskiy
Development Manager
COMODO Group Inc.

 

Free Endpoint Protection
Seo4Smf 2.0 © SmfMod.Com Smf Destek