Hi. I´m a Centos Cpanel user. An admin with some dev skills but not a developer. Comodo WAF has very good rules and the cpanel plugin is the best, really.
Could be better with more specific rules against RAVIJ sql injections and other similar programs. Todays I receive more than 20k sql injections daily, in url and forms in my server. I installed comodo rules today but didn't catch these kind of atack. Instead, Owasp can catch a lot but all of us know about the hard work to eliminate false positives from there.
This is my suggestion.
Comodo WAF is very very practical.
All the best!