Comodo WAF and Cassandra?

Is WAF compatible with Cassandra?


We will check it for compatibility.

Regards, Oleg

Thank you Oleg, please let me know as soon as you find something.

Thank you again.


we’ve researched Cassandra’s installation and work and haven’t found it’s co-operation with Apache and ModSecurity.
So, WAF should be compatible with Cassandra.

Thank you Akabakov for your help. I was eagerly waiting for your answer. I do understand when you say “WAF should be compatible with Cassandra”.
I don’t get it when you say “haven’t found it’s cooperation with Apache and ModSecurity”? What does that mean?

Sorry for that. :slight_smile:

Cassandra is designed for distributed databases managing and doesn’t require web-services for work.
It means that by default, Cassandra uses the next ports:
7000 for cluster communication (7001 if SSL is enabled), 9160 for Thrift clients, 9042 for native protocol clients, and 7199 for JMX.
So, since Cassandra uses separate ports, ModSecurity and any WAF could not influence on Cassandra’s work.

But I didn’t consider that there are two web-based UI for monitoring and management:
Cassandra Cluster Admin GitHub - sebgiroux/Cassandra-Cluster-Admin: Manage your Cassandra cluster in your Web browser!
DataStax Opscenter DataStax Enterprise | DataStax

To avoid the false-positives I would like to recommend to turn ModSecurity off for these web-sites and protect them by another way, for example, to limit access from some IP-addresses.

Ok, understood!

So COMODO WAF only operates through ports 80 and 443?

No, port doesn’t matter. WAF based on ModSecurity application, it’s a web application layer firewall. And it’s work with some of the popular web servers like Apache or Nginx.

So, if your application work behind Apache, Nginx or LiteSpeed and process HTTP/HTTPS requests on some port (80, 443 or 8080 or 10433 - doesn’t matter) - CWAF can be installed and protect your application.

If your application work with non-HTTP protocol or based on some other web-server (non-supported by ModSecurity) - CWAF can’t help you for now. We are working on support more popular web platforms.

In the case of Cassandra we don’t have any web application (any web interface), so WAF can’t protect it.

What about using WAF CLI instead of a web interface? If I use WAF’s command-line, can WAF protect Cassandra?


CWAF will protect Apache/Nginx server no matter how it used: as web interface or as CLI utility.

Regards, Oleg

Thanks Oleg :slight_smile: