Client Agent 1.6 has been released:

• Batch installation mode.
• Disabling a rule for domain with/without www.
• Improvements and bug fixes.

Now you may install CWAF client using batch mode. This can be useful for installation on multiple machines.

Batch install for system with cPanel and Apache web-server:

./setup.sh --batch --login=login --password=password

Batch install for system with cPanel and LiteSpeed web-server:

./setup.sh --batch --login=login --password=password --platform=LiteSpeed

Batch install in the standalone mode:

./setup.sh --batch --login=login --password=password --mode=standalone --platform=Apache --path=/opt/cwaf ./setup.sh --batch --login=login --password=password --mode=standalone --platform=LiteSpeed --path=/opt/cwaf

You may update your client from cPanel plugin: “Main” → “New client is available” or download and install new script, available by link: https://waf.comodo.com/cpanel/cwaf_client_install.sh

good job guys!

Thanks to you guys all the webservers have a way to be protected.

Same problem today again…

Client Agent 1.7 has been released:

• Support of Mod Security 2.8.
• Support of exclusion of add-on domains and parked domains
• Improvements and bug fixes.

Client Agent 1.8 has been released:

• Scheduling of update rules.
• A monitor for view all disabled global rules.
• A monitor for view all domains with disabled rules.
• Management of white lists.
• Improvements and bug fixes.

In 1.8 where is the “exclude rules” tab gone? the only docs I can find are for version 1.1

Since version 1.3 tab “Exclude rules” is substituted by section “Catalog” where you can exclude categories, groups and rules.

Client Agent 1.9 has been released:

• Custom user exclude list.
• Improvements and bug fixes.

Now you may add additional excludes of protection rules: ‘Userdata’ → ‘Custom Rules’

which will be stored in he local file:

/var/cpanel/cwaf/etc/httpd/custom_user.conf

Client Agent 1.10 has been released:

• Turn off protection rules for domain.
• Improvements and bug fixes.

Now you may easy disable all protection rules for any of your domains: ‘Security Engine’ → ‘Disabled Domains’

Its not working.

Could you please create separate topic with this issue and provide more details?

Bug: WAF Update button says upgrade to 1.91 but once upgrade is completed it shows version 1.10

Thank you. Correct version is 1.10.

1.9.1 was a intermediate, working version.

Client Agent 2.0 has been released:

• Integration with Parallels Plesk Panel.
• Added new userdata configuration list - login pages.
• Updated default configuration of ModSecurity for cPanel servers.

Now CWAF client supports servers with a Plesk Management Platform.

To install CWAF client on server with a Plesk Management Platform you may download new install script here:

https://waf.comodo.com/cpanel/cwaf_client_install.sh

and run it as root:

bash cwaf_client_install.sh

or with sudo:

$ sudo bash cwaf_client_install.sh

Plesk platform will be detected automatically.

CWAF documentation will be updated in the near future.

Client Agent 2.0.1 has been released:

• Fixed issues with Global exclude list.
• Added tools for fixing issues with exclusion of protection rules.

If you have some problems with excluding of protection rules in the Global exclude list you may perform any Catalog operation (e.g. turn on and then off some single rule) or run fix script in the console:

<CWAF_INSTALL_PATH>/scripts/fix_excludes.pl

You also may find new user documentation here:

http://help.comodo.com/topic-212-1-516-5955-Comodo-Free-ModSecurity-Rules---Quick-Start-Guide.html
http://help.comodo.com/topic-212-1-514-5928-Comodo-Free-ModSecurity-Rules---Introduction.html

or on the product website:

Client Agent 2.1 has been released:

1. Improved rules excluding system.

The new mechanism is designed to improve the efficiency of exceptions. Now, when you exclude some of protection rules, all its dependent rules will be excluded automatically. Thus, unused rules are no longer load CPU.

Only main protection rule in the chain is shown in Catalog, depended rules are not displaying any more.

2. Preparing switching to the new structure of rules categories and groups.

In the near future CWAF rules categories and groups will be restructured. Old version of plugin will not be compatible with a new rules structure.

IMPORTANT: Please update plugin version to be ready for a new rules structure.

Dear customers!

HTTP response code: 404 Error reason: Your client version is not supported by current ruleset. Please update to latest client version. ERROR: can't connect to CWAF rules server

If you experienced this problem during downloading rules on fresh install, please update to latest client version (2.1.1)
Sorry for inconvenience.

Client Agent 2.2 has been released.

• This version includes new feature - Protection Wizard.
• Fixed issue with showing mod_security state in Plesk plugin.

Now you may use this simple and user-friendly interface for manage your protection rules depending on used web-applications.

Can you please provide more details on this new feature.

This feature will allow to disable rules targeting web-application not installed on your server and significantly reduce server load.
By answering dozen of simple questions customer can choose which categories she/he want to protect.
Previously excluded rules can be added to this choice affecting global exclude list.

[attachment deleted by admin]