CWAF Beta Release 1.0

We are pleased to announce the beta release of the Comodo Web Application Firewall.

A web application firewall is application layer firewall which protects your web site. Its processes the HTTP traffic and blocks malicious requests to your web server such as SQL Injection attacks.

The CWAF Beta release is offered free (registration required) and has the following features:

Web based user interface.
Reverse Proxy operation mode.
SSL enabled (CWAF can be configured to provide HTTPS).
DOS Prevention.
Cookie analysis.
Content and header processing(protection from):
Cross-Site Scripting (XSS)
SQL Injection
Directory Traversal
Remote Command Execution
URI encoding

Its available for download here : http://downloads.comodo.com/cwaf/cwaf-installer.sh
Registration can be done here : Comodo Account Management | Login or Create a new Account

Installation Instructions

  1. Check the system requirements:
    modern 32/64 linux distribution with kernel >= 2.6.9
    RAM amount >= 512MB

  2. Check the software requirements:
    perl >= 5.8.XX
    openssl version >= 0.9.8

  3. Download and run the CWAF installer: “sh ./cwaf-installer.sh” and follow its instructions

Once installed the product instructions can be found within the user interface under the help tab.

Congratulation with the release.(:CLP)

excellent work guys!! We are expecting big things from CWAF :wink:

we would love to hear your feedback about CWAF pls.

Melih

…hope my boss can give me some spare time for this one >:-D
Any more news documentation screenshots etc available?
Very interested and very curious…

there’s a copy-past error on the Terms and Conditions… (From EasyVPN)…

[attachment deleted by admin]

Download link in the signup email also points to the download location of EasyVPN:

Downloading the Software by this link. http://easy-vpn.comodo.com/download.html

We are aware of this issue and will have it sorted out very shortly.

There are some screenshots from CWAF management WEB-panel:
cwaf1 - list of protected sites;
cwaf2 - site configuration;
cwaf3 - rules configuration;
cwaf4 - administration page;
cwaf5, cwaf6 - event logs.

[attachment deleted by admin]

Thats awsome! Great work guys! Jeez I need to get my website up and running to try this thing out! (:CLP)

Is CWAF targetted at businesses only?

anyone who hosts a website…

Melih

I think so, you have at least have to have a linux box with this in front of your own web server. So I don’t think you can’t use it on a co-hosted box.

Would be nice if you could run this as a reverse proxy on the same box in front of your web site, that would save a box, maybe staff can answer this question?

Or that it could integrate with some of the major “Hosting Automation Control Panels”

It’s possibly to run CWAF on the same box. And it’s easy to configure.

In a future we also plan to integrate with popular “Hosting Automation Control Panels” and develop special module solutions for a popular web-servers.

Thanks Vadim, sound good.

Many thanks Vadim , :slight_smile: excellent Kind regards

Lordy I wish I had begun learning web hosting originally on *nix platform. Regrettably I chose the WAMPP route using Joomla! as my CMS of choice. This would be the 1st thing installed in every instance of putting up a server/ site.

Is there a derivative of sorts similar to this that could be incorporated in a windows environment? And/Or the possibility of a similar tool set that could be offered as a Joomla! extension? This would win top honors without a doubt.

Is this project alive?