Hello guys,
After searching for free good rules, i fell on these, which seems to be pretty good.
I used the cpanel installation script (no problems during the installation with cpanel choice) and faced the same error when trying to open the module in WHM → “Can’t locate Comodo/CWAF/Cpanel.pm in [at]INC”
The solution provided by George wasn’t effective, i had to modify it a little to get the module & update working.
In all 3 following files i’ve added this just after #!/usr/bin/perl :
BEGIN { unshift [at]INC, '/var/cpanel/cwaf/modules/CPAN/lib/'; }
/usr/local/cpanel/whostmgr/docroot/cgi/addon_cwaf.cgi
/usr/local/cpanel/whostmgr/docroot/cgi/cwaf_main.cgi
/var/cpanel/cwaf/scripts/updater.pl
As of now I have been able to open the module in WHM and update the rules, i didn’t test exclusions yet but i can see a file which is read in the tab with the following content, so it may work :
# Created by CWAF management application # Note! This file may be modified and any manual changes may be lost! # Date: 16/02/14 17:57:07 UTC
Regarding the rules they seems to be working as shown in the log for example :
Message: [file "/var/cpanel/cwaf/rules/cwaf_02.conf"] [line "878"] [id "212222"] [msg "COMODO WAF: Blocking python-requests User-Agent. Disable rule if you need it."] [severity "CRITICAL"] Access denied with code 403 (phase 2). Pattern match "python-requests/" at REQUEST_HEADERS:User-Agent.
My environment is as follow :
- Centos 6 with 3.2.54-61.art.x86_64 kernel
- Cpanel 11.40.1.11
A note for all trying to make this work too, the [at] in “[at]INC” has to be replaced with the real at-sign or it won’t work and you’ll get a syntax error.
Hope this will help.