Our experiences so far installing Comodo WAF - Overcoming beginners’ problems.
And how not to get ‘locked’ out of your VPS ( URL hostname ), not loose WHM/cPanel (https) access and WHMCS ( admin panel ) access and avoid no longer seeing your hosted websites on the WWW ?
Our VPS server hostname is: serverx1.abcdef.net
Our server IP is: 123.456.789.112
WHMCS is installed on: www.abcdef.net
WHMCS admin login is at: abcdef.net - This website is for sale! - abcdef Resources and Information.
And three websites in three cPanel user accounts:
www.efg.com - WordPress site
www.hij.net - WordPress site
www.spqr.org - WordPress site
Installing Comodo WAF proceeded without problems on a VPS with WHM/cPanel, WHMCS, Installatron, ConfigServer Firewall, mod_security ( EasyApache add on and WHM plug-in) twice over. First time with Litespeed webserver and second time with Apache webserver with exactly the same problem(s). De-installing the Comodo WAF cPanel plug-in and removing the string from /modsec.conf using the instructions from section 2.2.5 from the below manual did not solve our problems. Using a server snapshot we had to go back in time and by luckily remembering our ‘old’ server log in details could we regain ‘control’ again and restart afresh building up our server !
For installation we followed the instructions in the Comodo WAF Administrator Guide.
In the appearing WHM/cPanel Comodo WAF plugin interface we then:
- updated the ‘rules’ by pressing on the black button
- changed the settings to 4 debug level and
- turned on the security engine in a next tab
We did however not whitelist anything etc. assuming our settings on the VPS in Configserver Firewall would be included ….
Twice over ( with Litespeed and with Apache webserver after complete re-install) we got the following error messages when shortly after installation of Comodo WAF we proceeded with WHMCS admin and after making some changes and trying to save:
"Forbidden: You don’t have permission to access www.abcd.com/whmcs/configserver.php on this server.
Additionally a 404 error … Apache 2.49 etc )
Googling this indicated a Mod_scurity rule error …
Nowhere did we find or read any warnings nor see understandable instructions on how to properly proceed after installing Comodo WAF with the above disastrous outcome.
Comodo WAF and Mod_security are apparently that effective that all network access to your VPS server URL, WHM/Cpanel and hosted websites can be closed off from the WWW.
Can you please - for the not so experienced or enlightened - give clear understandable step by step instructions on what to do and what to enter in the Comodo WAF cPanel interface ? For this we have given our server and website details …?
Our next concern is: how complex and nerve wrecking will properly maintaining the Mod_security rules and exceptions be in practice ?
I am seeing a multitude of forum web posts on various errors Mod_security related errors ?
For the moment we have returned to Configserver Firewall, phpHulk Buute force, de-installed Mod_Security ( Easy Apache rebuild ) and use Wordfence plug-in for the WordPress sites. This works well and is easy to understand.
With Litespeed we experienced a lot of problems. Much to our regret this company - despite relentless attempts and endless correpondence, vague assurances - apart from not so useful general instructions is unwilling to log into servers nor offer on hands problem solving. We have for the moment ‘switched’ off Litespeed.