Update warnings

Hello,

Each time I run updates on the rules I always get errors/warnings like these:

root@server [/var/cpanel/cwaf/scripts]# ./updater.pl -w
(in cleanup) Can't open tmp/cwaf_cookies.tmp: No such file or directory at /usr/local/cpanel/3rdparty/perl/514/lib64/perl5/cpanel_lib/HTTP/Cookies.pm line 415.
info [updater] Missing owner for domain server.hostname.com, force lookup to root
^* matches null string many times in regex; marked by <-- HERE in m/^* <-- HERE .domain.net:\d+$/ at /opt/cpanel/perl5/514/site_lib/Comodo/CWAF/Cpanel.pm line 98.
^* matches null string many times in regex; marked by <-- HERE in m/^* <-- HERE .domains.com:\d+$/ at /opt/cpanel/perl5/514/site_lib/Comodo/CWAF/Cpanel.pm line 98.

Can you fix some of these?
I get these both on Apache and Litespeed.
All servers are running CloudLinux 6.7 with the latest kernel.

Hi

Thank you for the feedback.
We will fix these issues in the next release, except this one:

Can't open tmp/cwaf_cookies.tmp: No such file or directory at /usr/local/cpanel/3rdparty/perl/514/lib64/perl5/cpanel_lib/HTTP/Cookies.pm line 415.

It seems your /var/cpanel/cwaf/etc/main.conf is a bit outdated and the updater can't find the cookie file.
To fix the issue, please change this line:
http_cookie_file="tmp/cwaf_cookies.tmp"
so it will look like this:
http_cookie_file="/tmp/cwaf_cookies.tmp"

Regards, Oleg

Ok, will try that.
Can that have issues with other things in CWAF?

No issues expected.
This will allow sending a cookie instead of a login/password pair to get the rules version.

Regards, Oleg

But when we do agent updates, doesn’t the /var/cpanel/cwaf/etc/main.conf file get updated?

I checked one old server and one new:
OLD:

#################################################
# Cpanel CGI directory
cgi_dir="/usr/local/cpanel/whostmgr/docroot/cgi"

updater_bin=scripts/updater.pl
client_updater_bin=scripts/update-client.pl
cwaf_wrapper_bin=scripts/cwaf-wrapper.pl

#################################################
# HTTP data
#################################################
# Path to cookie file
http_cookie_file=tmp/cookie.tmp

# Timeout for http client
http_timeout=60

cwaf_firstrun_flag="etc/first.run"

nginx_modsec_conf=/var/cpanel/cwaf/nginx/modsec2_nginx.conf

cwaf_modsec_conf=/usr/local/apache/conf/modsec2.conf

cwaf_backup_file="backup.tgz"

web_user=root

NEW:

#################################################
# Cpanel CGI directory
cgi_dir="/usr/local/cpanel/whostmgr/docroot/cgi"

updater_bin=scripts/updater.pl
client_updater_bin=scripts/update-client.pl
cwaf_wrapper_bin=scripts/cwaf-wrapper.pl

# first run file
cwaf_firstrun_flag="etc/first.run"

# mod_security config
cwaf_modsec_conf=/usr/local/apache/conf/modsec2.conf

#################################################
# HTTP data
#################################################
# Path to cookie file
http_cookie_file=/tmp/cwaf_cookies.tmp

# Timeout for http client
http_timeout=60

cwaf_backup_file="backup.tgz"

web_user=root

nginx_modsec_conf=/var/cpanel/cwaf/nginx/modsec2_nginx.conf is missing in new, but we don’t use nginx…

Hello.

main.conf may be changed in an update, but we don't replace the user's settings in it.

Ok.

But we don’t have custom settings for our servers.
So then I can easily copy a new main.conf file from a new server and use that on all servers as long as we have the latest agent on all servers?

I think it's easier to update the old CWAF clients to the new one.

We have all clients updated, but the conf file is not updated.
I have manually corrected it on all servers now…

Sorry for the misunderstanding.

main.conf is not updated, because customers can write their own configuration parameters in it.

http_cookie_file=tmp/cwaf_cookies.tmp means that temporary files are written in /path_to_cwaf/cwaf/tmp, not in the root /tmp dir.

But you can rewrite it as you need.
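
The path resolution described in the last reply, as an added example that is not part of the thread and not CWAF's own code: a POSIX shell check that reads http_cookie_file from a main.conf, resolves a relative value against the CWAF directory, and reports whether the target directory exists and is writable. The CWAF_ROOT default (taken from the paths shown in the thread) and all function names are assumptions.

```shell
#!/bin/sh
# Added example, not CWAF code. Assumption: relative values in main.conf are
# resolved against the CWAF install directory, as stated in the thread.
CWAF_ROOT="${CWAF_ROOT:-/var/cpanel/cwaf}"

# conf_value FILE KEY: print the last uncommented value of KEY, quotes stripped.
conf_value() {
    sed -n "s/^[[:space:]]*$2[[:space:]]*=[[:space:]]*//p" "$1" |
        tail -n 1 |
        sed -e 's/[[:space:]]*$//' -e 's/^"\(.*\)"$/\1/'
}

# resolve_path VALUE: absolute values pass through, relative ones join CWAF_ROOT.
resolve_path() {
    case "$1" in
        /*) printf '%s\n' "$1" ;;
        *)  printf '%s\n' "$CWAF_ROOT/$1" ;;
    esac
}

# check_cookie_file FILE: return 0 if usable, 1 if the directory is missing
# or not writable, 2 if http_cookie_file is not set at all.
check_cookie_file() {
    value=$(conf_value "$1" http_cookie_file)
    [ -n "$value" ] || { echo "http_cookie_file not set in $1"; return 2; }
    resolved=$(resolve_path "$value")
    dir=$(dirname "$resolved")
    if [ -d "$dir" ] && [ -w "$dir" ]; then
        echo "ok: $value -> $resolved"
    else
        echo "problem: $value -> $resolved ($dir missing or not writable)"
        return 1
    fi
}

# make_sample_conf FILE VALUE: write a constructed main.conf fragment (test data).
make_sample_conf() {
    cat > "$1" <<EOF
# Path to cookie file
http_cookie_file=$2

# Timeout for http client
http_timeout=60
EOF
}

# Usage: sh check_cookie.sh /var/cpanel/cwaf/etc/main.conf
if [ "$#" -ge 1 ]; then check_cookie_file "$1"; fi
```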