Author Topic: mod_security with Comodo WAF locks out everbody  (Read 2300 times)

0 Members and 1 Guest are viewing this topic.

Offline
*
Re: mod_security with Comodo WAF locks out everbody
« Reply #15 on: January 16, 2024, 06:53:30 PM »
... Temporary solution is to disable mod_security on the account/domain in question.

No, I just switched to OSWAP rules until fix that. No need to disable mod_security.

Disabled Comodo rule with ID 218500 until fix. OWASP causes other incompatibilities so this way we can continue to use Comodo and no need to disable mod_security.

Added..

SecRuleRemoveById 218500

..to /usr/local/apache/modsecurity-cwaf/custom_user.conf

Offline
*
Re: mod_security with Comodo WAF locks out everbody
« Reply #16 on: January 16, 2024, 07:33:43 PM »
... Temporary solution is to disable mod_security on the account/domain in question.

No, I just switched to OSWAP rules until fix that. No need to disable mod_security.

Disabled Comodo rule with ID 218500 until fix. OWASP causes other incompatibilities so this way we can continue to use Comodo and no need to disable mod_security.

Added..

SecRuleRemoveById 218500

..to /usr/local/apache/modsecurity-cwaf/custom_user.conf

I am having the same issue as everyone after an update on WooCommere.  This fix my issue =)

Offline
****
Re: mod_security with Comodo WAF locks out everbody
« Reply #17 on: January 20, 2024, 08:20:18 PM »
If anyone needs it, I created a step by step tutorial.
I apologize it took me so long, it's been on my to do list.

https://my.starburstservices.com/index.php?fuse=knowledgebase&controller=articles&view=article&articleId=28

Offline
****
Re: mod_security with Comodo WAF locks out everbody
« Reply #18 on: March 27, 2024, 06:22:34 PM »
FYI Comodo released ruleset 1.241 that took care of this issue on 2024-01-21.

Offline
**
Re: mod_security with Comodo WAF locks out everbody
« Reply #19 on: March 28, 2024, 02:51:13 PM »
Very thank you!
You may use our FREE SMTP Newsletter APP at https://www.emailbat.com