The plugin does not currently support OpenLiteSpeed, hence it might only confuse administrators. Run the following command as root: perl -pi -e 's/active=yes/active=no/' /usr/local/directadmin/plugins/comodo_waf/nf Comodo WAF is a ModSecurity rule set create by the Comodo Team. It does not effect the mod_security rules, only a web-interface. So we should disable DirectAdmin Comodo WAF plugin which gets installed with the installation of ModSecurity. At the moment the plugin supports only Nginx webserver. In the Imunif圓60 dashboard, there is a message that says: > Some security vendors are now employing ModSecurity rules on your servers tend to deliver a. Perl -pi -e 's/^SecDefaultAction /#SecDefaultAction /' custom/openlitespeed/conf/nfĬomodo WAF offers a web-interface to manage its settings and rules as a plugin for DirectAdmin. Here is a fix: cd /usr/local/directadmin/custombuild/ You will want to look for an entry with the letter H after the event ID (in our example, eece5138-H-). opt/comodo/waf for CentOs: edit the file /etc/httpd/conf.d/nf to include the following configuration key: Include /opt/comodo/waf/etc/nf restart Apache. */SecRequestBodyAccess On/' custom/openlitespeed/conf/nfĪ first start might fail with the following error: ' SecDefaultActions can only be placed once per phase and configuration context'. This rule is causing that output on my server. The Comodo Free Mod Security Rules - Quick Start Guide says to: download the rules (done) extract them to a folder on the server E.g. In order to get the ModSecurity to work we need to set "SecRequestBodyAccess On", here is how can we do it on a DirectAdmin server without a risk to loose customization: cd /usr/local/directadmin/custombuild/Ĭp -p configure/openlitespeed/conf/nf custom/openlitespeed/conf/ It supplies an array of request filtering and other security features to the. build openlitespeedĪs soon as the installation completes we will need to update settings. Introducing ModSecurity ModSecurity is an open source web application firewall. build set modsecurity yesĪnd finally we start an installation. InstallationĪll the installation steps should be done in a server console.įirst we change directory and update the custombuild script to make sure it will use actual versions: cd /usr/local/directadmin/custombuild Here are instructions on how to install and enable it. As of now you can use OpenLiteSpeed with ModSecurity and ruleset from Comodo on a DirectAdmin server.
0 Comments
Leave a Reply. |