Wish List (Please post your wishes here)

Well some of my clients host adult site also. I need a feature like with a button name “Disable Adult Security” for particular sites . which will disable all enabled adult rules for particular site and disable adult comment blocking, post and few more which u have added in ur rules. Please see what u can do for it

To be able to store the rules in a directory of your choosing, I.E /usr/local/apache/conf/modsec_rules or where ever I need i them.

Another thumbs up for a whitelist interface.
Also, where are they stored, so that they can be easily replicated to other servers? It appears to be exclude.yml

Hi,
Do not remove global exclude and exclude per domain when rules are updated with a new version.
Or at least create backup with update script so we can easily restore our rules exclude list.

When rules are updated only directory ‘rules’ is rewritten. Also rules are backuped in update in /<path_to_cwaf>/tmp/rules/workdir2/rules/ and /<path_to_cwaf>/tmp/rules/workdir1/rules/ (previous rules version).

Hm, looks like they are not properly backuped because in both “workdir” folders I have the same (cwaf default) exclude file and all per domain excludes are missing. Some clients complained that they again have same troubles with mod_security false-positive detection and now again I’m excluding rules one by one per domain as clients reporting errors.

Global and domains excludes usually are not backuped and rewritten in update process.

Ok, so it’s possible to automatically backup complete workdir1 to preserve any excludes at rule update?
I mean, I can always manually update any changed rule, but as there is one click option I will rather use this automatic way than manually doing everything in every server (~30).

If you use our rules, web-client and Cpanel, you can scheduled update as you need in Cpanel section “Comodo WAF - Configuration - Schedule Update”. Also you can add script /<path_to_cwaf>/cwaf/scripts/updater.pl in crontab. Please, send your next message in new topic or submit a ticket at https://support.comodo.com, section “WAF support”

A plugin/module for Webmin would be great :slight_smile:

I put this into the regular forum but, MosSecurity cluster management!

https://forums.comodo.com/free-modsecurity-rules-comodo-web-application-firewall/clustering-and-management-t108000.0.html

Webmin please!

Will be great to have a button to list specifically in which domains and users are disabled which rules…the same function as the “Show Map” button in CMC.
Also a way to disable rules by cPanel user instead of domain, many times users have many domains or subdomains and we should go and disable one by one in the user domain.

Thanx!

Hi. I´m a Centos Cpanel user. An admin with some dev skills but not a developer. Comodo WAF has very good rules and the cpanel plugin is the best, really.

Could be better with more specific rules against RAVIJ sql injections and other similar programs. Todays I receive more than 20k sql injections daily, in url and forms in my server. I installed comodo rules today but didn’t catch these kind of atack. Instead, Owasp can catch a lot but all of us know about the hard work to eliminate false positives from there.

This is my suggestion.

Comodo WAF is very very practical.

All the best!

Please could we have a webmin / virtualmin plugin,

Thanks,

Please, a plugin for ISPConfig!

i want to see a rule for scan uploaded files via php form with clamav or maldet .

Different Forums.

Since COMODO is for:
nginx
LiteSpeed
Apache

I would sugest to have 3 separated sub-forums for each webserver.
Or create forum rules, where each message should have the webserver first in the title, like this:

“Litespeed: Problems error 500”

On the WHM Plugin, have an option to activate or deactivate Mod Lua.

Sucuri has a pretty nice vulnerability database that you can use here:
https://wpvulndb.com/

As more and more customers use Wordpress it would be great if Comodo can implement more rules for Wordpress in the future.