ModSec Comodo rules disappear after 2.3.1 update

Hello,

I’ve been running Comodo’s firewall rules with CyberPanel’s ModSec. After updating to CP 2.3.1, Comodo is no longer showing on ModSecurity Rules Packs. Only OWASP is there.

When I click from that screen to ModSec Docs → ModSecurity Rules Packages
https://cyberpanel.net/docs/4-mod-security-rules-packages/
I hit a 404 page.

Curious about what is changing with ModSec under CP, and how to access docs to change / configure rules packs since I might have to switch to OWASP or Atomicorp if Comodo’s no longer supported.

Thank you,
– Dave

Comodo rules was removed long time ago. You should update your panel more often, I have reminder every month to update panel.

I’ll be more diligent about watching for CP updates.

The docs still use Comodo in the example for setting up ModSec + rule package. This will probably confuse some people (like me).

I just checked the log and see that Comodo rules are currently working on my server. Even though Comodo is not displaying under the Rules Packs, 403s from those rules are currently being logged. I think if I enable the OWASP rules, that should probably switch my server from Comodo.

Regards,
– Dave

I think reason they take those out, was you need register to download rules from comodo. So cyberpanel can’t load them automatically.

Yes, that makes sense. I followed this tutorial a few months ago:

and did the manual update. But it is a multi-step process. With Comodo having announced that they will no longer support free ModSec rules sets, going with OWASP via CyberPanel makes the most sense because you get the same functionality without the hassle of manual setup.

Thanks for replying to my question, Dreamer. It’s been good talking with you.

– Dave