comodo waf plugin and modsecurity

aros

Verified User
Joined
Jan 12, 2017
Messages
7
Hi,
Thanks to comodo waf plugin, it was installed easy

cd /usr/local/directadmin/custombuild
./build update
./build set modsecurity yes
./build set modsecurity_ruleset comodo
./build modsecurity
./build modsecurity_rules
./build rewrite_confs

now, we have some problem with partial uploading pictures to one website hosted on server which solved when we set off the "Request Body Access" in security engine tab of plug-in.
also we had a table deletion form a database after installing and running comodo waf (not sure be related to comodo waf !)

what is preferred "comodo waf " configuration for website hosting servers ?

CentOS 7.6
php 7.2
php 5.6


Regards
 

lolfust1

Verified User
Joined
Oct 24, 2015
Messages
40
Hi,
Thanks to comodo waf plugin, it was installed easy

cd /usr/local/directadmin/custombuild
./build update
./build set modsecurity yes
./build set modsecurity_ruleset comodo
./build modsecurity
./build modsecurity_rules
./build rewrite_confs

now, we have some problem with partial uploading pictures to one website hosted on server which solved when we set off the "Request Body Access" in security engine tab of plug-in.
also we had a table deletion form a database after installing and running comodo waf (not sure be related to comodo waf !)

what is preferred "comodo waf " configuration for website hosting servers ?

CentOS 7.6
php 7.2
php 5.6


Regards
edit the modsec conf and change the Request Body Access and empty request body to desire number, and restart apache/nginx
 

simpel

Verified User
Joined
Jun 6, 2019
Messages
16
open directadmin webinterface.
Click: 'Comodo WAF 2.24.4' link
click: 'UserData' tab
In formfield 'custom rules' add the the following:
SecRequestBodyNoFilesLimit 131072000

thats 10 times the default limit.
if still not enough increase even more.

(its recommended to edit this stuff not directly in the files themselfs on the server but through the webinterface because directadmin might overwrite custom edits when rebuilding/updating new versions.... overwriting your custom settings if not made through webinterface)
 
Last edited:

Migdiradmin

Verified User
Joined
Jan 5, 2020
Messages
38
wen i use this comands i have only comodo rules right?
What is the modecurity_rules?
What is the best Comodo rules or owasp for nginx_apache ?
 
Top