Comodo rules for Nginx

Initialization version of Comodo protection rules for Nginx (from the version 1.6.3) has been released.

You may login to Comodo WAF interface:

Choose source “Nginx” and download latest rules (Latest release: 1.01).

Now, during installation of CWAF on your server you may choose Nginx Web Platform. It will be detected automatically and Comodo rules will be included to your ModSecurity protection configuration.

CWAF client version 2.7 with support Nginx platform has also been released.

I installed the comodo waf via directadmin custombuild for reverse proxy apache_nginx webserver. Now the problem is gzip and expires headers doesn’t work! They are beginning to work after I disable modsecurity. Any idea ?

ModSecurity doesn’t “understand” any kind of compression.
For example: gzip encoding / OWASP_CRS/LEAKAGE/SOURCE_CODE_ASP_JSP · Issue #821 · SpiderLabs/ModSecurity · GitHub
About expires headers we don’t have information yet.

We are glad to announce the initial free version of Comodo protection rules for Nginx + ModSecurity 3.0.

To download the Rule Set please perform the following actions:

[ol]- Log-in to your CWAF web UI at

  • Ensure that the ‘Rule set version’ tab is opened.
  • Select the correspondent source - “Nginx/ModSec_3.0”.
  • Click ‘Download full rules set’ to download the full set of the selected version. The download dialog will be displayed.
  • Click ‘Save’ to save the compressed rule set package file in gzip file format (.tgz) format in a local drive.[/ol]

You may configure your Nginx server with ModSecurity 3.0 and Comodo WAF using the next steps:

[ol]- Extract the rule set package files and transfer them to a local server folder, e.g. to /usr/local/cwaf/rules/

  • Modify the modsecurity configuration file to include the CWAF Rules. Add the similar row with correct path for the Rule Set main configuration file to modescurity configuation file, e.g.

Include /usr/local/cwaf/rules/rules.conf.main

  • Perform the configuration test:

nginx -t

Correct result:

nginx: the configuration file /etc/nginx/nginx.conf syntax is ok nginx: configuration file /etc/nginx/nginx.conf test is successful

  • Reload the nginx service to activate the rules:

nginx -s reload

Please send us your feedback to improve CWAF rules for this new platform.

CWAF Plugin with support Mod Security 3.0 will be released soon.

For the above I’d like to elaborate a little more on number three -
You NEED to select the proper rule set for your web server platform - the rules are not the same for every platform. It is not readily apparent but there is a drop down box where you should select “Nginx/ModSec_3.0”

Hi guys,

I use webmin on Centos 7 with nginx+modsecurity 3. I just installed the plugin, but I see the plugin as autmatically downloaded the rules for modsec 2.x and not modsec 3.x.

Does the current plugin support nginx/modsec 3.x yet? If not, do you know when support will be added?

The most important thing for me is to be able to automatically update the rules every week. Is there a way of using wget to download the latest version of the nginx/modsec3 rules directly so that I can create a custom cron job?



As of now CWAF plugin supports rules for DirectAdmin + nginx + modsecurity 3. We have requested developers to add Webmin+modsec3 support to CWAF plugin.