Comodo WAF for DirectAdmin

[Naruto_Xboy]

Hi

Can you please try to run this command from unprivileged user cwaf_plugin ?
Login to this account with
# su - cwaf_plugin
and run
$ sudo /usr/local/cwaf/scripts/cwaf-wrapper.pl da_get_domainlist
$ sudo /usr/local/cwaf/scripts/cwaf-wrapper.pl check_modsec_loaded
$ sudo /usr/local/cwaf/scripts/cwaf-wrapper.pl da_get_version

It may require to modify your /etc/passwd changing shell setting for this user from /bin/false or /sbin/nologin to other shell

thank you for support me ^^
i'm try run command
cat /etc/passwd

result here with many account
cwaf_plugin:x:493:492::/home/cwaf_plugin:/sbin/nologin
clamav:x:492:491::/home/clamav:/bin/false
...................

and run  su - cwaf_plugin
so have error
[root[at]sv ~]# su - cwaf_plugin
This account is currently not available.

[oleg.tsygany]

Hi

Change this line in /etc/passwd

cwaf_plugin:x:493:492::/home/cwaf_plugin:/sbin/nologin

replacing /sbin/nologin with other shell (F.e. with /bin/bash)

This will allow you to run su - cwaf_plugin command

Regards, Oleg

[Naruto_Xboy]

Hi

Change this line in /etc/passwdreplacing /sbin/nologin with other shell (F.e. with /bin/bash)

This will allow you to run su - cwaf_plugin command

Regards, Oleg

Hi,
After edit line in /etc/paswd to /bin/bash

i run command and it is result

Code: [Select]

[root[at]sv ~]# su - cwaf_plugin
-bash: /bin/uname: Permission denied
-bash-4.1$
-bash-4.1$ sudo /usr/local/cwaf/scripts/cwaf-wrapper.pl da_get_domainlist
techview.vn
-bash-4.1$ sudo /usr/local/cwaf/scripts/cwaf-wrapper.pl check_modsec_loaded
 security2_module (shared)
-bash-4.1$ sudo /usr/local/cwaf/scripts/cwaf-wrapper.pl da_get_version
cwaf_rules:1.28:3f9ac47fd8d75878b0089bc39f526f18
-bash-4.1$

but have error (( CWAF not connection
Current rules version    1.28 (Latest version) Restore rules
CWAF plugin version    2.7 (Connection error: )

[oleg.tsygany]

Hi

Seems this can take a long time.
Can you please provide us ssh access to this box?
I will PM you required contact info.

Regards, Oleg

[oleg.tsygany]

Hi Naruto_Xboy

Thank you for access provided.
Problem was because in older version of DirectAdmin CWAF plugin worked as logged in user  instead of special user 'cwaf_plugin'.
I will add required changes to installation script and next release of CWAF client will fix this problem.
Meanwhile I will send you detailed instruction what to change in current version of plugin so it will work as expected.

Best regards, Oleg

[oleg.tsygany]

Attention to DirectAdmin users 

CWAF plugin will work wrong if your DirectAdmin version is lower than 1.45.3
For details please see this topic: http://www.directadmin.com/features.php?id=1594
Please update your DirectAdmin to latest version (update is free of charge) if you experienced plugin problems.
We will improve CWAF plugin so it will work on older DerectAdmin versions.

[interfasys]

I wasn't able to upgrade from 2.7 to 2.8 from the plugin, but it worked flawlessly using custombuild.

Unfortunately I did not look at the logs before using custombuild, so I don't have more information to submit.

[ben29]

on directadmin panel i get the meesage

Code: [Select]

Can't locate Comodo/CWAF/Main.pm in [at]INC ([at]INC contains: /usr/local/lib64/perl5 /usr/local/share/perl5 /usr/lib64/perl5/vendor_perl /usr/share/perl5/vendor_perl /usr/lib64/perl5 /usr/share/perl5 .) at /usr/local/directadmin/plugins/comodo_waf/admin/index.pl line 10.
BEGIN failed--compilation aborted at /usr/local/directadmin/plugins/comodo_waf/admin/index.pl line 10.

[oleg.tsygany]

on directadmin panel i get the meesage

Code: [Select]

Can't locate Comodo/CWAF/Main.pm in [at]INC ([at]INC contains: /usr/local/lib64/perl5 /usr/local/share/perl5 /usr/lib64/perl5/vendor_perl /usr/share/perl5/vendor_perl /usr/lib64/perl5 /usr/share/perl5 .) at /usr/local/directadmin/plugins/comodo_waf/admin/index.pl line 10.
BEGIN failed--compilation aborted at /usr/local/directadmin/plugins/comodo_waf/admin/index.pl line 10.

Hi

Do you have custom Perl install?
Please change file /usr/local/directadmin/plugins/comodo_waf/admin/index.html to point to system Perl
Line 4:
 $file = "perl /usr/local/directadmin/plugins/comodo_waf/admin/index.pl 2>&1";
should be changed to:
 $file = "/usr/bin/perl /usr/local/directadmin/plugins/comodo_waf/admin/index.pl 2>&1";

This issue will be fixed in next version of plugin.

Regards, Oleg

[interfasys]

Still not possible to upgrade from the DA control panel.
Nothing useful in the logs

Code: [Select]

13/06/15 10:57:49 update-client[95038]  Running update command: bash /usr/local/cwaf/tmp/install/cwaf_client_install.sh -- --update --mode auto
13/06/15 10:57:49 update-client[95038]  ERROR: can't run install script(error )

[oleg.tsygany]

Hi interfasys

Please try to update plugin manually:
# wget https://waf.comodo.com/cpanel/cwaf_client_install.sh
# bash ./cwaf_client_install.sh -- --update

Maybe your FreeBSD doesn't contain required packages.
Please let me know if updates will be not performed after upgrading to latest plugin version (which is 2.9 at the moment).

Console commands to test update:
# echo 1 > /usr/local/cwaf/etc/version.dat
# /usr/local/cwaf/scripts/update-client.pl

Regards, Oleg

[vadim]

Starting from CWAF client version 2.12 all DirectAdmin users with LiteSpeed Web Server can use Comodo WAF protection.

Just install last version of CustomBuild and choose Comodo Rules for LiteSpeed Web Server and rebuild ModSecurity rules.

[OllieMackj]

I am on freebsd 9.2 with comodo waf 2.13 plugin

Plugin Protection Wizard hangs when I click on next button, then it just stays there and nothing happens

This is what I see:

Protection Tree
Please Check Categories/Groups/Rules you like to protect.

Loading....

And the loading never stops....

[oleg.tsygany]

Hi

If you have something like Firebug plugin, can you please check what server response for hanging request.
It can be permission issue, FreeBSD is strict system.

Thank you in advance,
Regards, Oleg

[OllieMackj]

This is what I see in firebug console persist

Code: [Select]

CGI will be removed from the Perl core distribution in the next major release. Please install it from
 CPAN. It is being used at /usr/local/cwaf/web/cwaf_sharedlib.pl, line 1.
CGI::Util will be removed from the Perl core distribution in the next major release. Please install it
 from CPAN. It is being used at /usr/local/lib/perl5/5.20/CGI.pm, line 29.
Status: 200 OK