Author Topic: Comodo WAF for DirectAdmin (Read 61293 times)

imaginable · « **Reply #120 on:** June 03, 2019, 03:55:06 PM »

Is this plugin compatible with Direct Admin with OpenLiteSpeed? I've been in touch with Direct Admin support and they've forwarded me to this forum.

I'm trying to deploy a CentOS 7 server with Direct Admin and OpenLiteSpeed installed an installing ModSecurity + COMODO rules are a must. The problem is that I'm facing some issues doing it through the CWAF DA plugin, but it throws this error when accessing "Comodo WAF 2.24.3" in "Admin level":

Code: [Select]

cp: cannot stat '/etc/httpd/conf/extra/httpd-modsecurity.conf': No such file or directory
chown: cannot access '/usr/local/cwaf/conf/modsec2_plugin.conf': No such file or directory
can't read config /usr/local/cwaf/conf/modsec2_plugin.conf at /usr/local/cwaf/modules/CPAN/lib/Comodo/CWAF/ModSecurity.pm line 75.
Compilation failed in require at /usr/local/directadmin/plugins/comodo_waf/admin/index.pl line 13.
BEGIN failed--compilation aborted at /usr/local/directadmin/plugins/comodo_waf/admin/index.pl line 13.

Here is more info:

Code: [Select]

Installed version of DirectAdmin: 1.57.0
Installed version of Custombuild: 2.0.0 (rev: 2119)
Installed version of OpenLiteSpeed: 1.4.47
Installed version of Comodo WAF: 2.24.3

Here's the cwaf_install.log extract (I can send the full to you in private if needed):

Code: [Select]

29-05-2019 12:08:59 Starting the installation
29-05-2019 12:08:59 ----------------Checking Apache-----------------------
29-05-2019 12:08:59 Found APACHE2CTL ''
29-05-2019 12:08:59 No APACHECTL found
29-05-2019 12:08:59 WARNING: Syntax error in Apache config file
29-05-2019 12:08:59 No MODSECURITY detected
29-05-2019 12:08:59 ---------------Checking LiteSpeed---------------------
29-05-2019 12:08:59 Found LiteSpeed version 1.4.47 Open (built: Thu May  9 15:05:35 UTC 2019)
29-05-2019 12:08:59 Mod Security NOT supported in this version of LiteSpeed
29-05-2019 12:08:59 -----------------Checking Nginx-----------------------
29-05-2019 12:08:59 Nginx binary /usr/local/nginx/sbin/nginx not found!
29-05-2019 12:08:59 ------------------------------------------------------
29-05-2019 12:08:59 No suitable LiteSpeed/Nginx web servers found.
29-05-2019 12:08:59 Assigning WEB Platform: Apache
29-05-2019 12:08:59 No cPanel found
29-05-2019 12:08:59 No Plesk found
29-05-2019 12:08:59 Found DirectAdmin version v.1.57.0
29-05-2019 12:08:59 Using PERL /bin/perl
29-05-2019 12:08:59 Using CPAN /bin/cpan

Thank you in advance.

maryprincyedward · « **Reply #121 on:** June 04, 2019, 08:48:52 AM »

Hi,

Could you please send the whole log for this issue?

Thanks.

Quote from: imaginable on June 03, 2019, 03:55:06 PM

Is this plugin compatible with Direct Admin with OpenLiteSpeed? I've been in touch with Direct Admin support and they've forwarded me to this forum.

I'm trying to deploy a CentOS 7 server with Direct Admin and OpenLiteSpeed installed an installing ModSecurity + COMODO rules are a must. The problem is that I'm facing some issues doing it through the CWAF DA plugin, but it throws this error when accessing "Comodo WAF 2.24.3" in "Admin level":

Code: [Select]
cp: cannot stat '/etc/httpd/conf/extra/httpd-modsecurity.conf': No such file or directory chown: cannot access '/usr/local/cwaf/conf/modsec2_plugin.conf': No such file or directory can't read config /usr/local/cwaf/conf/modsec2_plugin.conf at /usr/local/cwaf/modules/CPAN/lib/Comodo/CWAF/ModSecurity.pm line 75. Compilation failed in require at /usr/local/directadmin/plugins/comodo_waf/admin/index.pl line 13. BEGIN failed--compilation aborted at /usr/local/directadmin/plugins/comodo_waf/admin/index.pl line 13.
Here is more info:
Code: [Select]
Installed version of DirectAdmin: 1.57.0 Installed version of Custombuild: 2.0.0 (rev: 2119) Installed version of OpenLiteSpeed: 1.4.47 Installed version of Comodo WAF: 2.24.3
Here's the cwaf_install.log extract (I can send the full to you in private if needed):
Code: [Select]
29-05-2019 12:08:59 Starting the installation 29-05-2019 12:08:59 ----------------Checking Apache----------------------- 29-05-2019 12:08:59 Found APACHE2CTL '' 29-05-2019 12:08:59 No APACHECTL found 29-05-2019 12:08:59 WARNING: Syntax error in Apache config file 29-05-2019 12:08:59 No MODSECURITY detected 29-05-2019 12:08:59 ---------------Checking LiteSpeed--------------------- 29-05-2019 12:08:59 Found LiteSpeed version 1.4.47 Open (built: Thu May 9 15:05:35 UTC 2019) 29-05-2019 12:08:59 Mod Security NOT supported in this version of LiteSpeed 29-05-2019 12:08:59 -----------------Checking Nginx----------------------- 29-05-2019 12:08:59 Nginx binary /usr/local/nginx/sbin/nginx not found! 29-05-2019 12:08:59 ------------------------------------------------------ 29-05-2019 12:08:59 No suitable LiteSpeed/Nginx web servers found. 29-05-2019 12:08:59 Assigning WEB Platform: Apache 29-05-2019 12:08:59 No cPanel found 29-05-2019 12:08:59 No Plesk found 29-05-2019 12:08:59 Found DirectAdmin version v.1.57.0 29-05-2019 12:08:59 Using PERL /bin/perl 29-05-2019 12:08:59 Using CPAN /bin/cpan
Thank you in advance.

imaginable · « **Reply #122 on:** June 04, 2019, 09:27:33 AM »

Sure, I've seen that the install log doesn't include any sensitive information, so I think it's safe to attach it here.

Quote from: maryprincyedward on June 04, 2019, 08:48:52 AM

Hi,

Could you please send the whole log for this issue?

Thanks.

imaginable · « **Reply #123 on:** June 20, 2019, 03:00:48 PM »

Is there any news on this? Feel free to contact me if you need more details/logs/info.

zero-f · « **Reply #124 on:** March 08, 2020, 12:46:44 PM »

Hi everyone
For more than a month, comodo rules has not been updated. (directadmin)
Updates were given much faster before
Is there a problem with this?

sufiyanshaikh · « **Reply #125 on:** April 24, 2020, 02:40:33 PM »

Hello,

I am facing one issue in Comodo WAF in DA

===========================
Apache-Error: [file "apache2_util.c"] [line 271] [level 3] [client xxx.xx.xx.xxx] ModSecurity: Request body no files data length is larger than the configured limit (131072). [hostname "example.com"] [uri "/webservices/form_submit/"] [unique_id "XqL9CgEkOhrpnaeq7owABBQE"]
===========================

Please help me to solve this issue
I tired searching but I was not able to solve the issue because a solution is nowhere present for Comodo in DA.

Cwaf_Team · « **Reply #126 on:** May 07, 2020, 10:59:58 AM »

Hello,
you should update SecRequestBodyLimit to a bigger value.

maxibi · « **Reply #127 on:** June 19, 2020, 09:25:47 PM »

I got a blank page when install this plugin using apache_nginx as reverse proxy.

All folders are set to 755 and files are set to 644 in /usr/local/directadmin/plugins/comodo_waf

Both nginx and apache are running fine without error

Screenshot:

I did test whether mod_security is working of my site to see if the log is generated: curl "http://mywebsite.com/?q='1 OR 1=1"
I check tail -f /var/log/nginx/modsec_audit.log and seems like it's generated a log "[{"message":"COMODO WAF: SQLmap attack detected"

So seems like it's working detecting the rule but the plugin is blank on DA interface.

maxibi · « **Reply #128 on:** June 21, 2020, 09:38:30 AM »

After struggling doing magic thing to solve the blank page problem which has no log generated, Now I got the following error when heading to the waf GUI. Is there a way to fix this?

Can't locate CGI.pm: /usr/local/lib64/perl5/CGI.pm: Permission denied at /usr/local/directadmin/plugins/comodo_waf/admin/index.pl line 3.
BEGIN failed--compilation aborted at /usr/local/directadmin/plugins/comodo_waf/admin/index.pl line 3.

These are the things that I have done:

yum install perl-CGI (also I did yum remove perl-CGI and yum install perl-CGI)

Change the perl permission: chmod +x /usr/bin/perl

but non is working.. any idea ?

Edit:

Ok now I understand that CGI.pm is outdated technology and seems like the installation perl on CentOS 8 doesn't include this CGI.pm file https://perlhacks.com/2015/12/long-death-cgi-pm/ . Maybe we don't have this solution anymore?

So, I also heard from the DA support that this plugin has lack of support and they are going to drop it soon because too many complains about it which has never been solved (just the plugin support not the rule sets)

Good news to DA users, the new version of Directadmin will include a native MOD SECURITY UI but still use comodo ruleset. It has been release in the pre-release here: https://www.directadmin.com/features.php?id=2822

Cwaf_Team · « **Reply #129 on:** July 17, 2020, 09:34:05 AM »

unfortunately cwaf plugin available only in standalone mode

RAPIDENET · « **Reply #130 on:** April 18, 2021, 06:40:59 PM »

since fews days or fews weeks all directadmin server in the world cannot install or update comodo waf

look this topic :

https://forum.directadmin.com/threads/version-of-cwaf-rules-not-found-in-versions-cwaf-txt.63527/

why ?

peterl · « **Reply #131 on:** May 05, 2021, 06:38:07 AM »

Is this product dead?

Author Topic: Comodo WAF for DirectAdmin (Read 61293 times)

imaginable

Re: Comodo WAF for DirectAdmin

maryprincyedward

Re: Comodo WAF for DirectAdmin

imaginable

Re: Comodo WAF for DirectAdmin

imaginable

Re: Comodo WAF for DirectAdmin

zero-f

Re: Comodo WAF for DirectAdmin

sufiyanshaikh

Re: Comodo WAF for DirectAdmin

Cwaf_Team

Re: Comodo WAF for DirectAdmin

maxibi

Re: Comodo WAF for DirectAdmin

maxibi

Re: Comodo WAF for DirectAdmin

Cwaf_Team

Re: Comodo WAF for DirectAdmin

RAPIDENET

Re: Comodo WAF for DirectAdmin

peterl

Re: Comodo WAF for DirectAdmin