To install Mod_security for IIS installers (for 32bit and 64bit respectively) should be loaded from http://www.modsecurity.org/download.html and run. After installation Mod_security should be visible in modules list in IIS Manager.
Default installation path for Mod_security rules and configuration files is: “C:\Program Files\ModSecurity IIS”.
Choose source “IIS” and download latest rules (Latest release: 1.54).
Click to Download Full RuleSet
After downloading of the rule-set you get the archive “comodo-iis-rules-154.zip”.
Back-up current “C:\Program Files\ModSecurity IIS” folder.
Extract archive to “C:\Program Files\”.
Restart IIS. [/ol]
Check CWAF Protection
To check CWAF protection work you may send the next request to your server: [code=“request to your server:”]http://your.server/?a=b AND 1=1
https://forums.comodo.com/index.php?action=dlattach;topic=113751.0;attach=111243
[b]Update of the Protection Rules[/b]
[ol]- Open system Terminal (cmd).
- Run system command:[/ol]
You may add this command as a regular system task to Windows scheduler.
[b]Additional Details[/b]
- "rules.dat" is file, containing rules version;
- "modsecurity_iis.conf" – main ModSecurity configuration file;
- "cwaf_modsecurity.conf" - CWAF configuration file;
- "cwaf_excludes.conf" - file with excluded rules id – some rules are excluded by default because of false-positives. To turn them on it needs to remove them from this file and restart IIS;
- "categories.conf" - file with rules categories;
- "cwaf_update.vbs" - script is designed for rules update.
[attachment deleted by admin]
Hello.
We collect information about current supported platforms. So, please, inform us about IIS versions which work with our plugin and ruleset.
Thanks a lot.
CWAF was working great with Windows server 2012R2 and IIS 8.5.9600.16384 until late last year. Now if I try to update ruleset past v 1.87 from 2016 I get error that Modsecurity is unable to process rulesets. Is any work being done to make the product compatible with IIS 8.5?
We have this now on our Plesk servers aswell and it is working great. Just a few errors after it is imported into Plesk. Note we tried Atomic Secured rules which work 100% but want to move to Comodo WAF for IIS but just a few issues exist after import: