Author Topic: Switch from Comodo rules to OWASP latest, now not receiving notifications  (Read 312 times)

0 Members and 1 Guest are viewing this topic.

Offline
*****
Switched a server from Comodo to OWASP latest (4.7.0), since it seems like the company who bought Comodo and the WAF ruleset has killed it.
Keep getting an error when trying to login, and from posts I'm not the only one.

Problem that has come up is LFD isn't sending the notifications from ModSecurity after the switch.
ModSecurity is still doing it's job, and is working.

@overseer, have you run into this problem?

Thanks all.

Offline
*****
I will check out my servers.

As far as I know, Comodo is still rolling -- they just changed their name to Sectigo (dumbest re-branding ever!).
https://modsecurity.comodo.com

Offline
*****
Not 100% sure about that.

Been hit & miss, more miss than anything when trying to login to https://waf.comodo.com/

When I've been trying to login, only get:
We're sorry, but something went wrong.

I saw OWASP updated a couple weeks ago, so figured I would give those a shot again.
And considering that's the option by Default on CWP, didn't expect any problem.

Offline
*****
https://modsecurity.comodo.com/#Comodo-ModSecurity-Rules
Sign up FREE
https://accounts.comodo.com/ just let me create a new subscription to the Comodo WAF
SUBSCRIPTION EXPIRES ON October 23, 2025

Offline
*****
Yup. I've had an account, that's how I download the 1.241 ruleset and uploaded them.
Say's I'm currently good until 2024-12-22



Even created a KB article on how to do it because of that WooCommerce bug in 1.240

Offline
*****
Just out of curiosity created a new account and it doesn't work either.
Weird.

Are you to login and see the download option?

Offline
*****
@overseer have you been able to login to waf.comodo.com lately?

I'm still getting the same error.

Offline
*****
Re: Switch from Comodo rules to OWASP latest, now not receiving notifications
« Reply #7 on: November 01, 2024, 04:21:26 PM »
I don't usually login to that URL -- just accounts.comodo.com
But interestingly, if you do a password reset, it goes to https://cam.xcitium.com
I think Comodo is in the midst of an identity crisis. Comodo? Sectigo? Xcitium?

Offline
*****
Re: Switch from Comodo rules to OWASP latest, now not receiving notifications
« Reply #8 on: November 01, 2024, 04:30:05 PM »
The URL accounts.comodo.com show my license, but no link to download the ruleset. Unless I'm missing something.

Yea, that's why I think the free ruleset is dead, Xcitium seems like new company pushing it's won paid firewall.