Author Topic: Comodo WAF for DirectAdmin  (Read 15868 times)

Offline drkt

  • Newbie
  • *
  • Posts: 4
Re: Comodo WAF for DirectAdmin
« Reply #75 on: August 05, 2016, 02:10:42 PM »
Hi

it's possible that every customer (Directadmin) can exclude the rules on their website ?

Thanks

Offline oleg.tsygany

  • Comodo's Hero
  • *****
  • Posts: 275
Re: Comodo WAF for DirectAdmin
« Reply #76 on: August 06, 2016, 02:28:24 AM »
Yes it possible to achieve this by adding mod_security directives (SecRuleRemoveById) to VirtualHost container for customers.
The most promising file to add this directives is  /usr/local/directadmin/data/users/<UERNAME>/httpd.conf

But after adding directives Apache/Nginx reload required so site admin should be involved anyway.

Offline drkt

  • Newbie
  • *
  • Posts: 4
Re: Comodo WAF for DirectAdmin
« Reply #77 on: August 06, 2016, 02:45:03 AM »
Hi!

ok but you do not think soon built a user interface ?

Thanks

Offline oleg.tsygany

  • Comodo's Hero
  • *****
  • Posts: 275
Re: Comodo WAF for DirectAdmin
« Reply #78 on: August 07, 2016, 03:07:51 PM »
I'm afraid no.
We're busy with other product - cWatch Web which have such feature (website customers can add rules to exclude list).
But this functionality available for cPanel hosts only yet.

Offline w-e-v

  • Star Group
  • Comodo's Hero
  • *****
  • Posts: 1498
  • BETA FORCE MEMBER
Re: Comodo WAF for DirectAdmin
« Reply #79 on: August 08, 2016, 06:01:26 AM »
I'm afraid no.
We're busy with other product - cWatch Web which have such feature (website customers can add rules to exclude list).
But this functionality available for cPanel hosts only yet.

What is the difference between cWatch and CWAF?
And is there a way to test/trial cWatch?

Offline akabakov

  • Comodo's Hero
  • *****
  • Posts: 375
Re: Comodo WAF for DirectAdmin
« Reply #80 on: August 09, 2016, 11:36:11 AM »
cWatch is software to monitor and analyze network traffic, not only potentially dangerous requests as ModSecurity does.
This product is being developed now, so we cannot present it for testing yet.
 

Offline w-e-v

  • Star Group
  • Comodo's Hero
  • *****
  • Posts: 1498
  • BETA FORCE MEMBER
Re: Comodo WAF for DirectAdmin
« Reply #81 on: August 12, 2016, 07:01:23 AM »
cWatch is software to monitor and analyze network traffic, not only potentially dangerous requests as ModSecurity does.
This product is being developed now, so we cannot present it for testing yet.

Interesting product indeed. But if it cannot be presented for testing yet why is it being sold?
https://cwatch.comodo.com/pricing.php?s_track=7639

And final question would be if cWatch is a bundle/suite of HakerGuardian, WAF and WebInspector?

Offline vadim

  • Moderator
  • Comodo's Hero
  • *****
  • Posts: 338
Re: Comodo WAF for DirectAdmin
« Reply #82 on: August 15, 2016, 08:39:19 AM »
Quote
Interesting product indeed. But if it cannot be presented for testing yet why is it being sold?
https://cwatch.comodo.com/pricing.php?s_track=7639

cWatch Web is currently being developed by our teams and so is the website of the product. It will be released very soon and open for sales/demo/testing etc.

Quote
And final question would be if cWatch is a bundle/suite of HakerGuardian, WAF and WebInspector?

We can define cWatch Web as Website Security as a Service product in which customers will be able to benefit from Comodo Security Operation Center (SOC)  services such as incident handling, FP removal, ticket support, malware clean etc. in addition to the features like WAF protection, scanning, security status check, compliance and so on. Please visit our website periodically which will be renewed soon with the latest design and information.

You may also share your e-mail address with us and we can notify you about the status of our upcoming product.
--
Vadim Lvovskiy
Development Manager
COMODO Group Inc.

Offline w-e-v

  • Star Group
  • Comodo's Hero
  • *****
  • Posts: 1498
  • BETA FORCE MEMBER
Re: Comodo WAF for DirectAdmin
« Reply #83 on: August 16, 2016, 03:00:22 AM »
cWatch Web is currently being developed by our teams and so is the website of the product. It will be released very soon and open for sales/demo/testing etc.

We can define cWatch Web as Website Security as a Service product in which customers will be able to benefit from Comodo Security Operation Center (SOC)  services such as incident handling, FP removal, ticket support, malware clean etc. in addition to the features like WAF protection, scanning, security status check, compliance and so on. Please visit our website periodically which will be renewed soon with the latest design and information.

You may also share your e-mail address with us and we can notify you about the status of our upcoming product.

Great! Should I private you my email address?

Offline vadim

  • Moderator
  • Comodo's Hero
  • *****
  • Posts: 338
Re: Comodo WAF for DirectAdmin
« Reply #84 on: August 16, 2016, 03:50:03 AM »
Quote
Great! Should I private you my email address?

Yes, please. We'll send you all important information about this new project.

And don't be afraid to spam  :)
--
Vadim Lvovskiy
Development Manager
COMODO Group Inc.

Offline w-e-v

  • Star Group
  • Comodo's Hero
  • *****
  • Posts: 1498
  • BETA FORCE MEMBER
Re: Comodo WAF for DirectAdmin
« Reply #85 on: August 24, 2016, 02:34:16 PM »
Yes, please. We'll send you all important information about this new project.

And don't be afraid to spam  :)

Thanks Vadim, I have sent you my email address.

I am curious about this project :)

Offline matkra

  • Newbie
  • *
  • Posts: 2
Re: Comodo WAF for DirectAdmin
« Reply #86 on: March 21, 2017, 05:30:02 AM »
Hello,

I would like to asked if there are any chances for building user space plugin for Comodo WAF for DirectAdmin ?
In my opinion it's a crucial functionality required for deploying WAF on hosting servers.

Thanks

Hi!

ok but you do not think soon built a user interface ?

Thanks

Offline vadim

  • Moderator
  • Comodo's Hero
  • *****
  • Posts: 338
Re: Comodo WAF for DirectAdmin
« Reply #87 on: March 21, 2017, 05:38:43 AM »
I would like to asked if there are any chances for building user space plugin for Comodo WAF for DirectAdmin ?
In my opinion it's a crucial functionality required for deploying WAF on hosting servers.

Yes, you are absolutely right. We have this task in our backlog, but unfortunately we don't have enough resources for now for this task. So, I can't provide any timeline for now.
--
Vadim Lvovskiy
Development Manager
COMODO Group Inc.

Offline vadim

  • Moderator
  • Comodo's Hero
  • *****
  • Posts: 338
Re: Comodo WAF for DirectAdmin
« Reply #88 on: March 28, 2017, 12:29:55 AM »

I would like to asked if there are any chances for building user space plugin for Comodo WAF for DirectAdmin ?
In my opinion it's a crucial functionality required for deploying WAF on hosting servers.


Last week we discussed technical details with DirectAdmin lead and seems we can develop and include initial version of user space plugin to one of our near future releases.

Please provide us your vision about the most important functionality for the user plugin.
--
Vadim Lvovskiy
Development Manager
COMODO Group Inc.

Offline matkra

  • Newbie
  • *
  • Posts: 2
Re: Comodo WAF for DirectAdmin
« Reply #89 on: March 29, 2017, 09:23:19 AM »

Please provide us your vision about the most important functionality for the user plugin.


Thank you for your quick and positive response.

In my opinion the most important is a user friendliness. That means in general that the plugin has to be easy to use by an average hosting account user with no expert knowledge in security.
Simplification does not exclude, however, that advanced users can't find more advanced settings.

My suggested features:

- general WAF on/off/detectonly switch - enables/disables all existing security features
- security engine enabled/disabled per user domains
- advanced settings with custom rules, whitelisted agents, blocked agents, whitelisted domains etc.
- status with read-only information about loaded rules/categories
- tabs "Catalog" and "Protection Wizard" from admin level plugin combined into one e.g. "Protection" with just drop down list from current "Protection Tree"
- notification system with ability of sending e-mail about new/updated rules, categories or triggered actions
- log with recent actions stored in user’s home directory to meet quota - on it's basis user can easily e.g. disable particular rule
- possibility to translate user interface
« Last Edit: March 30, 2017, 04:03:52 AM by matkra »

 

Free Endpoint Protection
Seo4Smf 2.0 © SmfMod.Com Smf Destek