CWAF is easy to set up and offers a customizable, rules-based traffic control system that delivers persistent protection against all known Internet threats. Frequent updates to the firewall rules database means your web site is even protected against the latest, emerging hacking techniques that might be affecting other websites.

The administrators to deploy the up-to-date firewall rule sets is by the use of CWAF Agent. As a one-off process, the administrator can download the agent set-up from the web administration interface and install it on the web
application server.
The agent can be configured to:
• Periodically poll the CWAF server and to automatically download and install the up-to-date firewall rule sets
• Install a cPanel plug-in on to the server that facilitates the administrator to configure the CWAF implementation.

cwaf plugin

 

Installing the Agent for cPanel Plug-in

Step 1

Register FREE Comodo Web Application Firewall Plugin.
https://waf.comodo.com/user

Once the registration completed, Run it installation script with a root privileges:

cd /usr/local/src

wget https://waf.comodo.com/cpanel/cwaf_client_install.sh

chmod 755 cwaf_client_install.sh

#./cwaf_client_install.sh

Choose type of installation:
1) Cpanel installation
2) Standalone scripts
Choose [1|2]: 1
Step 2

Enter the login credentials for CWAF
Enter CWAF connection data
————————–
Enter CWAF user: gopkris2000
Enter CWAF password: password

Step 3

Modify Apache Web Server configuration to enable ‘mod_security‘ module and include CWAF Rules, by adding the key ‘Include /var/cpanel/cwaf/etc/cwaf.conf‘ to /usr/local/apache/conf/modsec2.conf

Add this string to Apache HTTPD Mod_security config in your system:
Include “/var/cpanel/cwaf/etc/cwaf.conf”
and reload Apache

Installation complete!

Restart Apache server

#service httpd restart

The agent is installed on the server with a cPanel plugin for CWAF.

Using the Agent to download and deploy firewall rule sets

• Run the CWAF console tool:

/var/cpanel/cwaf/scripts/updater.pl

cPanel Plug-in for Firewall Configuration

CWAF CPanel plug-in allows the administrator to view and modify the web application firewall configuration, update the rule sets, configure rules to be excluded from the currently loaded rule set and to submit feedback to Comodo on the currently loaded rule set version.

To access the CWAF cPanel plugin

Login to cPanel on your server

Click ‘Plugins’ > “Comodo WAF Control“.

 

Uninstalling the CFMSR Agent

The CWAF is installed at the path /var/cpanel/cwaf by defualt.

To uninstall CWAF Agent,
Run the script ‘bash /var/cpanel/cwaf/scripts/uninstall_cwaf.sh
Do you want to remove Comodo WAF application?
Enter answer [y/n] y

Please don’t forget to remove string “Include /var/cpanel/cwaf/etc/cwaf.conf” from file/usr/local/apache/conf/modsec2.conf
and reload Apache
#service httpd restart

Comodo WAF uninstalled!

The agent will be removed from the server.

Originally posted on May 9, 2015 @ 11:35 pm

Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.