Author Topic: Wish List (Please post your wishes here)  (Read 10351 times)

Offline Melih

  • CEO - Comodo
  • Administrator
  • Comodo's Hero
Wish List (Please post your wishes here)
« on: December 30, 2013, 12:37:25 AM »
Please post your wishes for our Free ModSecurity Rules here. Our developers will regularly check this post, extract your wishes and put them in future releases.
thanks
Melih

Offline George_Fusioned

  • Newbie
Re: Wish List (Please post your wishes here)
« Reply #1 on: January 04, 2014, 03:32:33 PM »
Full LiteSpeed webserver compatibility.

That would be something nice. Currently atomicorp rules are "somewhat" supported by LSWS. It would be nice to either provide a LiteSpeed compatible ruleset, or detect if LiteSpeed is running and disable the non-compatible rules.

http://www.litespeedtech.com/support/wiki/doku.php?id=litespeed_wiki:mod_security_compatibility
https://www.atomicorp.com/wiki/index.php/Litespeed#Do_the_modsecurity_rules_work_with_Litespeed

Offline Melih

  • CEO - Comodo
  • Administrator
  • Comodo's Hero
Re: Wish List (Please post your wishes here)
« Reply #2 on: January 04, 2014, 05:58:06 PM »
> Full LiteSpeed webserver compatibility.
>
> That would be something nice. Currently atomicorp rules are "somewhat" supported by LSWS. It would be nice to either provide a LiteSpeed compatible ruleset, or detect if LiteSpeed is running and disable the non-compatible rules.
>
> http://www.litespeedtech.com/support/wiki/doku.php?id=litespeed_wiki:mod_security_compatibility
> https://www.atomicorp.com/wiki/index.php/Litespeed#Do_the_modsecurity_rules_work_with_Litespeed

Thank you, we'll add it to our wishlist in development.

Offline Julien-WebTalkPRO

  • Newbie
Re: Wish List (Please post your wishes here)
« Reply #3 on: January 06, 2014, 09:34:31 PM »
Pretty much a summary of what we chatted about, Melih.

Disabling rules by ID (globally)
Disabling rules by ID per cPanel account or domain
Disabling rules by directory

Auto-update of rules, daily, weekly.
Changelog for each update, will help us target bugs too

Maybe at some point a rule editor, categorized rules.

And as mentioned above, a better integration with LSWS. Even though I don't see any issues so far in our logs.



WebTalkPRO - Webmaster & Hosting community

Offline Melih

  • CEO - Comodo
  • Administrator
  • Comodo's Hero
Re: Wish List (Please post your wishes here)
« Reply #4 on: January 06, 2014, 09:44:46 PM »
> Pretty much a summary of what we chatted about, Melih.
>
> Disabling rules by ID (globally)
> Disabling rules by ID per cPanel account or domain
> Disabling rules by directory
>
> Auto-update of rules, daily, weekly.
> Changelog for each update, will help us target bugs too
>
> Maybe at some point a rule editor, categorized rules.
>
> And as mentioned above, a better integration with LSWS. Even though I don't see any issues so far in our logs.

Thanks Julien

Can you please expand on the concept of categorized rules?

thanks.

Offline Julien-WebTalkPRO

  • Newbie
Re: Wish List (Please post your wishes here)
« Reply #5 on: January 06, 2014, 09:57:52 PM »
For example, right now it's a bit hard to know which rule ID does what.

Categorize rules by type and maybe even a short description of each rule:

ie:
20042: Wordpress admin login attempts Category: Login attacks
16050: w00t SQL Injection Category: SQL Injection

This will help a lot of web hosts to try and activate the rules they want.
WebTalkPRO - Webmaster & Hosting community

Offline idem

  • Comodo Staff
  • Comodo Member
Re: Wish List (Please post your wishes here)
« Reply #6 on: January 07, 2014, 01:20:32 AM »
Thank you Julien.

We will implement categories and descriptions in future versions.

Offline designcentre

  • Comodo Member
Re: Wish List (Please post your wishes here)
« Reply #7 on: January 07, 2014, 04:55:13 AM »
> For example, right now it's a bit hard to know which rule ID does what.
>
> Categorize rules by type and maybe even a short description of each rule:
>
> ie:
> 20042: Wordpress admin login attempts Category: Login attacks
> 16050: w00t SQL Injection Category: SQL Injection
>
> This will help a lot of web hosts to try and activate the rules they want.

I second that. I'm fed up with installing new rules and finding Apache errors due to another rule having the same ID - aaahhhhhhhh, then the hunt begins, or you have to renumber it yourself, which makes updating a pain in the butt.

Offline TDmitry

  • Head CWAF Rule Writing Team
  • Comodo's Hero
Re: Wish List (Please post your wishes here)
« Reply #8 on: January 11, 2014, 09:14:14 AM »
> I second that. I'm fed up with installing new rules and finding Apache errors due to another rule having the same ID - aaahhhhhhhh, then the hunt begins, or you have to renumber it yourself, which makes updating a pain in the butt.

Why do you have rules with duplicate IDs? How did it happen? Each rule has a unique ID in the CWAF rule set.
« Last Edit: January 11, 2014, 09:58:54 AM by TDmitry »

Offline Julien-WebTalkPRO

  • Newbie
Re: Wish List (Please post your wishes here)
« Reply #9 on: January 11, 2014, 02:25:42 PM »
> Why do you have rules with duplicate IDs? How did it happen? Each rule has a unique ID in the CWAF rule set.

Probably in-house rules too. Like we do; we made sure to use a much higher ID though.
WebTalkPRO - Webmaster & Hosting community
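
Added example, not part of the thread and not Comodo's code: a pre-deployment check for the ID collisions discussed in the posts above. It reads ModSecurity rule files (vendor set plus in-house rules) and reports every rule ID that is defined more than once, with file and line, so the clash is found before Apache is reloaded. The rule text, IDs and file names in the sample are constructed for illustration.

```python
import re
from collections import defaultdict

DIRECTIVES = ("SecRule", "SecAction")  # directives that define a rule id
QUOTED_RE = re.compile(r'"((?:[^"\\]|\\.)*)"')  # double-quoted arguments
ID_RE = re.compile(r"""\bid\s*:\s*['"]?(\d+)""")  # id:123 or id:'123'

def logical_lines(text):
    """Yield (first_line_no, text) with backslash continuations joined."""
    buf, start = [], None
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if start is None:
            start = no
        if line.endswith("\\"):
            buf.append(line[:-1])
            continue
        buf.append(line)
        yield start, " ".join(buf)
        buf, start = [], None
    if buf:  # file ended on a continuation
        yield start, " ".join(buf)

def find_duplicate_ids(files):
    """files maps name -> config text; returns {id: [(name, line_no), ...]}."""
    seen = defaultdict(list)
    for name, text in files.items():
        for no, line in logical_lines(text):
            words = line.split(None, 1)
            if not words or words[0] not in DIRECTIVES:
                continue  # comments, SecRuleRemoveById, SecRuleEngine, ...
            args = QUOTED_RE.findall(line)
            # Actions are the last quoted argument; ignore "id:" in operators.
            m = ID_RE.search(args[-1]) if args else None
            if m:
                seen[int(m.group(1))].append((name, no))
    return {i: locs for i, locs in seen.items() if len(locs) > 1}

# Constructed sample input (not real CWAF rules; ids and file names are made up).
VENDOR = r'''
SecRule REQUEST_URI "@contains /wp-login.php" \
    "id:300100,phase:2,pass,log,msg:'sample vendor rule'"
SecAction "id:'300101',phase:1,nolog,pass"
'''
LOCAL = r'''
# in-house rule that accidentally reuses a vendor id
SecRule ARGS "@rx id:99" "id:300100,phase:2,deny,status:403"
SecRuleRemoveById 300101
'''
```

Calling find_duplicate_ids({"vendor.conf": VENDOR, "local.conf": LOCAL}) reports ID 300100 at line 2 of the vendor file and line 3 of the in-house file; the "id:99" inside the operator pattern and the SecRuleRemoveById line are not counted as definitions.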

Offline stenrulz

  • Newbie
Re: Wish List (Please post your wishes here)
« Reply #10 on: January 12, 2014, 06:33:32 PM »
How about an opt-in option for the cPanel addon which sends data to Comodo for analysis? Similar to how Cloudflare uses their data to update their WAF product.

Offline w-e-v

  • Star Group
  • Comodo's Hero
  • BETA FORCE MEMBER
Re: Wish List (Please post your wishes here)
« Reply #11 on: February 10, 2014, 09:55:46 AM »
If CWAF is installed as standalone (not as a cPanel plugin), there is absolutely no way to find the version of CWAF installed.
There is no way to find if it's up and running in Apache either (after inclusion).

Please add a way to find what version of CWAF is currently installed and a way to see if it's running with Apache, when installed as standalone.

Offline ultrasparc

  • Newbie
Re: Wish List (Please post your wishes here)
« Reply #12 on: February 18, 2014, 10:39:17 AM »
Hello

Do you plan to make a rule to block brute-force requests to wp-login.php (WordPress) and /administrator (Joomla)?
id "212100" COMODO WAF: Failed login attempt - this rule is logged only but does not lock.
And I would like to block requests.

Offline chuvadenovembro

  • Newbie
Re: Wish List (Please post your wishes here)
« Reply #13 on: February 19, 2014, 09:19:03 PM »
Custom whitelist for various servers?


Offline VinayakSharma

  • Newbie
Re: Wish List (Please post your wishes here)
« Reply #14 on: February 23, 2014, 10:51:55 PM »
Installation Validation

While installing, it asks for user/pass.

Since that user/pass is also the Comodo account user/pass.

Food for thought:

1) Handing it over to support techs (in house/outsourced),
2) What if we change our account password, are we required to change it on server too, what if there are 100s of them.

It will be better, if it asks for license or something like access/validation key.

 
