Install FREE modsecurity rules for 2014

Whereas gotroot decided to go to a paid version of mod security rules this has left low margin web hosts and a bit out in the cold. Comodo has awesomely stepped in to provide a free ruleset and a WHM app. More information can be found on their website here

To install you will need to sign up as a member (free). And download and install the WHM tool.

Pre-requisite - be sure to run easyapache and have the latest version of Mod Security installed (currently 2.7.7) or errors will be displayed after installing the Comodo app.

To install quickly:

In SSH session as root, in the root directory run the following commands:

wget https://waf.comodo.com/cpanel/cwaf_client_install.sh
sh cwaf_client_install.sh

Go through install procedure,

1
2

enter username and password to Comodo that you used when you signed up when it asks, 

3


4
This is where the comodo intructions get sketchy. It will not work until you link to the rule set in the mod_security config file (via WHM). When finished installing, log into WHM on your VPS or dedicated server. Scroll down to Mod Security link and replace* or add to the config file with the following line and save, then restart apache:

Include "/var/cpanel/cwaf/etc/cwaf.conf"

* you will replace everything in there with this one line if the default rules or your old huge list of rules are there

5

Click (in WHM still) Comodo WAF link and download the latest rules (currently 0.41), this will download the latest rule set.

7

Restart the Apache web server. Although, the Comodo WAF app will also restart apache after downloading the rules, and if there is an error it will revert to no rules, which is kind of nice.

Install is complete.

--------------------
--------------------

Optionally, install the CSF mod_security controller in order to have some further browser based control over mod_security.

wget http://configserver.com/free/cmc.tgz

tar -xzf cmc.tgz

cd cmc/

./install.sh

Refresh WHM and scroll to the bottom of the left hand menu and you should see "ConfigServer ModSecurity Control"

To make sure it is working - After a while check the log file and look for pattern matches with the COMODO WAF rules showing up. On a fairly busy server it should show up quickly.

6

Update: After twitting this we were contacted by ModSecurity about this page.

  • 15 Users Found This Useful
Was this answer helpful?

Related Articles

VPS Control Panel Features

The following partial list of main features are available from inside your VPS control panel:...

Install cPanel on your VPS

Should you choose to install cPanel/WHM on your VPS yourself, this can be accomplished in a few...

Java error logging into console on Windows 7

First make sure you have Java installed or nothing will happen. Go to...

Install RVSitebuilder on your cPanel VPS

  After purchasing the license, SSH to your cPanel server as root and run...

How do I install cPanel

Before you install cPanel & WHM or cPanel DNSONLY, you should know that: Because cPanel is...