Comodo WAF as Vendor on Litespeed then Switched to Plugin: Is It Working?

I had Comodo WAF installed on my cPanel/WHM/Litespeed server as a Mod Security Vendor, and ended up wanting the UI of the Comodo WAF plugin, so I installed the plugin successfully using the bash script, then disabled the Vendor. Just to be safe, I ran the Protection Wizard and restarted Litespeed.

Since I did that, if I go WHM → Security Center → ModSecurity Tools, I no longer have any new hits in the hits list. Is that normal behavior when using the WAF plugin instead of the vendor, or should I still be getting hits there?

Do I need to look at /var/log/CWAF directly to see the hits?

I know that the vendor and plugin aren’t compatible, but I want to make sure the plugin is working now that I’ve switched.



Seems plugin is misconfigured.
Please check your mod_security related server configuration

Regards, Oleg

Now hits are showing up in WHM → Security Center → ModSecurity Tools.

There was a four-hour gap with nothing in there, then it started working again. I have no idea why, but I seem to be in good shape now.