Auth Error

Hi

I just installed CWAF on a centos 7 box

I am using webmin

I have errors if I try to update from the webmin ui

the Main Tab in the webmin ui carries the error you can see in the screenshot:

Current rules version 0 (Connection error: Auth failed)

And if I try to update config I get

Error Request to server failed

I’m using the email I opened the account with and the correct password (I can login to waf.comodo.com ok)

any ideas of problem and how to fix please?

regards

l.

[attachment deleted by admin]

Hi!

Try to change your password in /usr/local/cwaf/etc/main.conf from MD5 to plain text and update the rules again.
Also you can run:

nmap waf.comodo.com

on your server. Ports 80 and 443 should be opened.

thanks very much for reply

I tried your suggestion of plain text password.
The “Current Rules Version” now shows 0 not previous error

But updating config gives same “Error Request to server failed”

I have double checked credentials at waf.comodo.com - they are correct.

Actually I should mention that when I Installed the webmin ui stuff gave errors exactly as per this post:
https://forums.comodo.com/free-modsecurity-rules-comodo-web-application-firewall-b223.0/-t113621.0.html

I used the solution there to fix the problem, which also included installing perl Template package.

After that the webmin ui displays correctly.
So perhaps the install script needs a bit of tightening up? The problem seems to be that the install just dumps all the perl stuff in /root/perl5/
And it makes me wonder maybe is there some other perl module missing which causes the auth fail but isnt throwing a visible error?

Does the cwaf webmin ui log errors? I find no related errors in the webmin log or cwaf log. Anywhere else to look for clues?

thanks again for your input

l.

Hi

Also this error can happen if you have unicode (non-plain english) characters in your login/password.
If it is please change login/password so it only contain english letters, digits and ‘-’ sign [a-zA-Z0-9-]

Regards, Oleg

thanks for reply

but I think not that problem - the password regex would be [a-zA-Z0-9]

If I run updater.pl I get this output:

current version is up to date
update process finished!

and an entry in utils.log:


01/02/16 09:23:41 updater[27326]  current version is up to date
01/02/16 09:23:41 updater[27326]  update process finished!

so that would indicate updater.pl must be connecting, and therefore issue is with the webmin ui somehow.

I’m grateful for any other input, and please let me know if something else I can do to debug issue.

regards

l.

UPDATE:

If I use a dummy password and run updater.pl again the output is exactly the same:

current version is up to date
update process finished!

so that didnt prove anything :frowning:

I dont actually know what updater.pl does, except from docs:

The agent installed on the server enables the administrator to manually download and deploy the latest version of the Firewall Rule Sets.

so if it doesnt have correc credentials why does it give positive output? Shouldnt it throw error?

anyway, there we are

regards

l.