Author Topic: Comodo WAF for DirectAdmin  (Read 15905 times)

Offline Naruto_Xboy

  • Newbie
  • *
  • Posts: 5
Re: Comodo WAF for DirectAdmin
« Reply #30 on: May 13, 2015, 07:27:53 AM »
Hi

Can you please try to run this command from unprivileged user cwaf_plugin ?
Login to this account with
# su - cwaf_plugin
and run
$ sudo /usr/local/cwaf/scripts/cwaf-wrapper.pl da_get_domainlist
$ sudo /usr/local/cwaf/scripts/cwaf-wrapper.pl check_modsec_loaded
$ sudo /usr/local/cwaf/scripts/cwaf-wrapper.pl da_get_version

It may require to modify your /etc/passwd changing shell setting for this user from /bin/false or /sbin/nologin to other shell


thank you for support me ^^
i'm try run command
cat /etc/passwd

result here with many account
cwaf_plugin:x:493:492::/home/cwaf_plugin:/sbin/nologin
clamav:x:492:491::/home/clamav:/bin/false
...................

and run  su - cwaf_plugin
so have error :(
[root[at]sv ~]# su - cwaf_plugin
This account is currently not available.


Offline oleg.tsygany

  • Comodo's Hero
  • *****
  • Posts: 275
Re: Comodo WAF for DirectAdmin
« Reply #31 on: May 13, 2015, 07:55:04 AM »
Hi

Change this line in /etc/passwd
Quote
cwaf_plugin:x:493:492::/home/cwaf_plugin:/sbin/nologin
replacing /sbin/nologin with other shell (F.e. with /bin/bash)

This will allow you to run su - cwaf_plugin command

Regards, Oleg

Offline Naruto_Xboy

  • Newbie
  • *
  • Posts: 5
Re: Comodo WAF for DirectAdmin
« Reply #32 on: May 17, 2015, 03:38:38 PM »
Hi

Change this line in /etc/passwdreplacing /sbin/nologin with other shell (F.e. with /bin/bash)

This will allow you to run su - cwaf_plugin command

Regards, Oleg

Hi,
After edit line in /etc/paswd to /bin/bash

i run command and it is result
Code: [Select]
[root[at]sv ~]# su - cwaf_plugin
-bash: /bin/uname: Permission denied
-bash-4.1$
-bash-4.1$ sudo /usr/local/cwaf/scripts/cwaf-wrapper.pl da_get_domainlist
techview.vn
-bash-4.1$ sudo /usr/local/cwaf/scripts/cwaf-wrapper.pl check_modsec_loaded
 security2_module (shared)
-bash-4.1$ sudo /usr/local/cwaf/scripts/cwaf-wrapper.pl da_get_version
cwaf_rules:1.28:3f9ac47fd8d75878b0089bc39f526f18
-bash-4.1$

but have error :((( CWAF not connection
Current rules version    1.28 (Latest version) Restore rules
CWAF plugin version    2.7 (Connection error: )

Offline oleg.tsygany

  • Comodo's Hero
  • *****
  • Posts: 275
Re: Comodo WAF for DirectAdmin
« Reply #33 on: May 18, 2015, 04:15:46 AM »
Hi

Seems this can take a long time.
Can you please provide us ssh access to this box?
I will PM you required contact info.

Regards, Oleg

Offline oleg.tsygany

  • Comodo's Hero
  • *****
  • Posts: 275
Re: Comodo WAF for DirectAdmin
« Reply #34 on: May 19, 2015, 10:10:21 AM »
Hi Naruto_Xboy

Thank you for access provided.
Problem was because in older version of DirectAdmin CWAF plugin worked as logged in user  instead of special user 'cwaf_plugin'.
I will add required changes to installation script and next release of CWAF client will fix this problem.
Meanwhile I will send you detailed instruction what to change in current version of plugin so it will work as expected.

Best regards, Oleg

Offline oleg.tsygany

  • Comodo's Hero
  • *****
  • Posts: 275
Re: Comodo WAF for DirectAdmin
« Reply #35 on: May 20, 2015, 04:22:12 AM »
Attention to DirectAdmin users  :)

CWAF plugin will work wrong if your DirectAdmin version is lower than 1.45.3
For details please see this topic: http://www.directadmin.com/features.php?id=1594
Please update your DirectAdmin to latest version (update is free of charge) if you experienced plugin problems.
We will improve CWAF plugin so it will work on older DerectAdmin versions.

Offline interfasys

  • Newbie
  • *
  • Posts: 11
Re: Comodo WAF for DirectAdmin
« Reply #36 on: May 22, 2015, 11:07:18 AM »
I wasn't able to upgrade from 2.7 to 2.8 from the plugin, but it worked flawlessly using custombuild.

Unfortunately I did not look at the logs before using custombuild, so I don't have more information to submit.
FreeBSD - DirectAdmin - Apache

Offline ben29

  • Newbie
  • *
  • Posts: 4
Re: Comodo WAF for DirectAdmin
« Reply #37 on: May 23, 2015, 04:26:57 PM »
on directadmin panel i get the meesage
Code: [Select]
Can't locate Comodo/CWAF/Main.pm in [at]INC ([at]INC contains: /usr/local/lib64/perl5 /usr/local/share/perl5 /usr/lib64/perl5/vendor_perl /usr/share/perl5/vendor_perl /usr/lib64/perl5 /usr/share/perl5 .) at /usr/local/directadmin/plugins/comodo_waf/admin/index.pl line 10.
BEGIN failed--compilation aborted at /usr/local/directadmin/plugins/comodo_waf/admin/index.pl line 10.

Offline oleg.tsygany

  • Comodo's Hero
  • *****
  • Posts: 275
Re: Comodo WAF for DirectAdmin
« Reply #38 on: May 24, 2015, 04:34:37 AM »
on directadmin panel i get the meesage
Code: [Select]
Can't locate Comodo/CWAF/Main.pm in [at]INC ([at]INC contains: /usr/local/lib64/perl5 /usr/local/share/perl5 /usr/lib64/perl5/vendor_perl /usr/share/perl5/vendor_perl /usr/lib64/perl5 /usr/share/perl5 .) at /usr/local/directadmin/plugins/comodo_waf/admin/index.pl line 10.
BEGIN failed--compilation aborted at /usr/local/directadmin/plugins/comodo_waf/admin/index.pl line 10.

Hi

Do you have custom Perl install?
Please change file /usr/local/directadmin/plugins/comodo_waf/admin/index.html to point to system Perl
Line 4:
 $file = "perl /usr/local/directadmin/plugins/comodo_waf/admin/index.pl 2>&1";
should be changed to:
 $file = "/usr/bin/perl /usr/local/directadmin/plugins/comodo_waf/admin/index.pl 2>&1";

This issue will be fixed in next version of plugin.

Regards, Oleg

Offline interfasys

  • Newbie
  • *
  • Posts: 11
Re: Comodo WAF for DirectAdmin
« Reply #39 on: June 13, 2015, 07:03:42 AM »
Still not possible to upgrade from the DA control panel.
Nothing useful in the logs

Code: [Select]
13/06/15 10:57:49 update-client[95038]  Running update command: bash /usr/local/cwaf/tmp/install/cwaf_client_install.sh -- --update --mode auto
13/06/15 10:57:49 update-client[95038]  ERROR: can't run install script(error )

FreeBSD - DirectAdmin - Apache

Offline oleg.tsygany

  • Comodo's Hero
  • *****
  • Posts: 275
Re: Comodo WAF for DirectAdmin
« Reply #40 on: June 14, 2015, 06:29:32 AM »
Hi interfasys

Please try to update plugin manually:
# wget https://waf.comodo.com/cpanel/cwaf_client_install.sh
# bash ./cwaf_client_install.sh -- --update


Maybe your FreeBSD doesn't contain required packages.
Please let me know if updates will be not performed after upgrading to latest plugin version (which is 2.9 at the moment).

Console commands to test update:
# echo 1 > /usr/local/cwaf/etc/version.dat
# /usr/local/cwaf/scripts/update-client.pl


Regards, Oleg

Offline vadim

  • Moderator
  • Comodo's Hero
  • *****
  • Posts: 338
Starting from CWAF client version 2.12 all DirectAdmin users with LiteSpeed Web Server can use Comodo WAF protection.

Just install last version of CustomBuild and choose Comodo Rules for LiteSpeed Web Server and rebuild ModSecurity rules.
--
Vadim Lvovskiy
Development Manager
COMODO Group Inc.

Offline OllieMackj

  • Newbie
  • *
  • Posts: 3
Re: Comodo WAF for DirectAdmin
« Reply #42 on: September 12, 2015, 05:56:46 AM »
I am on freebsd 9.2 with comodo waf 2.13 plugin

Plugin Protection Wizard hangs when I click on next button, then it just stays there and nothing happens

This is what I see:

Protection Tree
Please Check Categories/Groups/Rules you like to protect.

Loading....

And the loading never stops....


Offline oleg.tsygany

  • Comodo's Hero
  • *****
  • Posts: 275
Re: Comodo WAF for DirectAdmin
« Reply #43 on: September 12, 2015, 10:20:20 AM »
Hi

If you have something like Firebug plugin, can you please check what server response for hanging request.
It can be permission issue, FreeBSD is strict system.

Thank you in advance,
Regards, Oleg

Offline OllieMackj

  • Newbie
  • *
  • Posts: 3
Re: Comodo WAF for DirectAdmin
« Reply #44 on: September 12, 2015, 11:13:45 AM »
This is what I see in firebug console persist
Code: [Select]
CGI will be removed from the Perl core distribution in the next major release. Please install it from
 CPAN. It is being used at /usr/local/cwaf/web/cwaf_sharedlib.pl, line 1.
CGI::Util will be removed from the Perl core distribution in the next major release. Please install it
 from CPAN. It is being used at /usr/local/lib/perl5/5.20/CGI.pm, line 29.
Status: 200 OK
« Last Edit: September 12, 2015, 05:44:11 PM by OllieMackj »

 

Free Endpoint Protection
Seo4Smf 2.0 © SmfMod.Com Smf Destek