CWAF client install & updater issues


We are having issues with both the CWAF client installer (v2.0) and the updater script.

We tried installing the client installer as per the instructions -
However it doesn’t give the option for step 1. Choose the type of installation and directly asks for CWAF login details.

On completion, we have noticed there is a symbolic link file ‘rules’ in the CWAF folder pointing to /root/cwaf/tmp/EMPTY but no actual rules folder anywhere, although according to cwaf.conf and main.conf files the rules directory should be present in the cwaf install folder (Include /root/cwaf/rules/*.conf, rules_dir=rules).

On running the updater script, rules are downloaded to tmp/rules/workdir1/rules and the rules file is updated pointing to tmp/rules/workdir1/rules

Could you please suggest what we are missing and we can do here? For now we have updated all references to point to rules in tmp but we want to use rules updater on regular basis using cron so need to ensure rules folder is updated and maintained as expected.

Here is the initial client script output -

09-10-2014 16:27:10 Starting the installation
09-10-2014 16:27:13 ----------------Checking Apache-----------------------
09-10-2014 16:27:13 Found APACHE version 2.2.15
09-10-2014 16:27:13 Found MODSECURITY version 2.8
09-10-2014 16:27:24 ---------------Checking LiteSpeed---------------------
09-10-2014 16:27:24 LiteSpeed binary /usr/local/lsws/bin/lshttpd not found!
09-10-2014 16:27:25 -----------------Checking Nginx-----------------------
09-10-2014 16:27:26 Nginx binary /usr/local/nginx/sbin/nginx not found!
09-10-2014 16:27:27 ------------------------------------------------------
09-10-2014 16:27:27 No suitable LiteSpeed/Nginx web servers found.
09-10-2014 16:27:27 Assigning WEB Platform: Apache
09-10-2014 16:27:27 Using PERL /usr/bin/perl
09-10-2014 16:27:27 Using CPAN /usr/bin/cpan


The documentation is outdated. New documentation will be available soon.

So, you installed our software in /root/cwaf/. To use our rules you need add to your ModSecurity conf-file the next string:

Include /root/cwaf/etc/cwaf.conf

You also can add to your crontab /root/cwaf/scripts/ to update rules. Rules are saved in /root/cwaf/rules/ This directory is symlink to /root/cwaf/tmp/rules/workdir1/rules/ After update this directory will be changed on /root/cwaf/tmp/rules/workdir2/rules/ to save previous rules version. The next update will change it to /root/cwaf/tmp/rules/workdir1/rules/ again and so on.

Thanks for your clarification on this akabakov. Updated documentation would have saved us some time :slight_smile: