Wish List (Please post your wishes here)

[Melih]

Please post your wishes for our Free Modsecurity Rules here. Our developers will regularly check this post and extract your wishes and put it in future releases.
thanks
Melih

[George_Fusioned]

Full LiteSpeed webserver compatibility.

That would be something nice. Currently atomicorp rules are "somewhat" supported by LSWS. It would be nice to either provide a LiteSpeed compatible ruleset, or detect if LiteSpeed is running and disable the non-compatible rules.

http://www.litespeedtech.com/support/wiki/doku.php?id=litespeed_wiki:mod_security_compatibility
https://www.atomicorp.com/wiki/index.php/Litespeed#Do_the_modsecurity_rules_work_with_Litespeed

[Melih]

Full LiteSpeed webserver compatibility.

That would be something nice. Currently atomicorp rules are "somewhat" supported by LSWS. It would be nice to either provide a LiteSpeed compatible ruleset, or detect if LiteSpeed is running and disable the non-compatible rules.

http://www.litespeedtech.com/support/wiki/doku.php?id=litespeed_wiki:mod_security_compatibility
https://www.atomicorp.com/wiki/index.php/Litespeed#Do_the_modsecurity_rules_work_with_Litespeed

Thank you, we'll add it to our wishlist in development.

[Julien-WebTalkPRO]

Pretty much a sum up of what we chatted Melih.

Disabling rules by ID (globally)
Disabling rules by ID per cPanel account or domain
Disabling rules by directory

Auto-update of rules, daily, weekly.
Changelog for each update, will help us target bugs too

Maybe at some point a rule editor, categorized rules.

And as mentioned above, a better integration with LSWS. Even tho I dont see any issues so far in our logs.

[Melih]

Pretty much a sum up of what we chatted Melih.

Disabling rules by ID (globally)
Disabling rules by ID per cPanel account or domain
Disabling rules by directory

Auto-update of rules, daily, weekly.
Changelog for each update, will help us target bugs too

Maybe at some point a rule editor, categorized rules.

And as mentioned above, a better integration with LSWS. Even tho I dont see any issues so far in our logs.

Thanks Julien

can you pls expand on the concept of categorized rules..

thanks.

[Julien-WebTalkPRO]

For examples right now it's a bit hard to know which rule ID does what.

Categorize rules by type and maybe even a short description of each rule:

ie:
20042: Wordpress admin login attempts Category: Login attacks
16050: w00t SQL Injection Category: SQL Injection

This will help alot web hosts to try and activate rules they want.

[idem]

Thank you Julien.

We will implement categories and descriptions in future versions.

[designcentre]

For examples right now it's a bit hard to know which rule ID does what.

Categorize rules by type and maybe even a short description of each rule:

ie:
20042: Wordpress admin login attempts Category: Login attacks
16050: w00t SQL Injection Category: SQL Injection

This will help alot web hosts to try and activate rules they want.

I second that, I'm fed up installing new rules and find apache errorS due to another rule having the same ID - aaahhhhhhhh then the hunt begins or you have to renumber it yourself which makes updating a pain in the butt

[TDmitry]

I second that, I'm fed up installing new rules and find apache errorS due to another rule having the same ID - aaahhhhhhhh then the hunt begins or you have to renumber it yourself which makes updating a pain in the butt

Why do you have rules with duplicate IDs, how it happened? Each rule has unique ID in the CWAF rules set.

[Julien-WebTalkPRO]

Why do you have rules with duplicate IDs, how it happened? Each rule has unique ID in the CWAF rules set.

Probably in house rules too. Like we do, we made sure to use a much higher id tho.

[stenrulz]

How about an opt-in option for the cpanel addon which sends data to Comodo for analysis? similar to how Cloudflare uses their data to update there WAF product.

[w-e-v]

If CWAF is installed as standalone (no as a cPanel plugin), there is absolutely no way to find the version of CWAF installed.
A way to find if its up and running in Apache either (after inclusion).

Please add a way to find what version of CWAF is currently installed and a way to see if its running with Apache, when installed as standalone.

[ultrasparc]

Hello

Do you plan to make a rule to block bruteforce requests to wp-login.php (wordpress) and /administrator (joomla)?
id "212100" COMODO WAF: Failed login attempt - this rule are logged only but does not lock.
And I would like to block requests

[chuvadenovembro]

Custom whitelist for various servers?

[VinayakSharma]

Installation Validation

While installing, it asks for user/pass.

Since that user/pass is also comodo account user/pass.

Food for thought:

1) Handing it over to support techs (in house/outsourced),
2) What if we change our account password, are we required to change it on server too, what if there are 100s of them.

It will be better, if it asks for license or something like access/validation key.