This guide explains how to install the Comodo ModSecurity ruleset on cPanel/WHM using EasyApache 4. Comodo offers free and regularly updated ModSecurity rules for Apache and LiteSpeed.
📌 Requirements
- WHM/cPanel with EasyApache 4
- Root access via WHM or SSH
- ModSecurity already installed (can be installed via EasyApache 4)
🔧 Step 1: Access ModSecurity Vendors in WHM
- Login to WHM as root.
- Navigate to:
Home » Security Center » ModSecurity™ Vendors - Click “Add Vendor”.
🌐 Step 2: Import Comodo Ruleset
🔹 For Apache (EasyApache 4):
In the Vendor Configuration URL field, enter:
https://waf.comodo.com/doc/meta_comodo_apache.yamlThen click “Load”.
🔹 For LiteSpeed:
Use the following URL instead:
https://waf.comodo.com/doc/meta_comodo_litespeed.yamlThen click “Load”.
✅ Step 3: Enable & Deploy
- After loading the vendor, click “Save” to finalize the import.
- WHM will fetch the Comodo rules and install them.
- The rules will automatically apply to all domains using ModSecurity.
🔁 Optional: Restart Apache or LiteSpeed
Depending on your web server:
# Apache
/scripts/restartsrv_httpd
# LiteSpeed
/scripts/restartsrv_litespeed
🔍 Verify Installation
To confirm the rules are active:
- Navigate to WHM » ModSecurity Tools » Rules List
- You should see many rules prefixed with CWAF_ (Comodo Web Application Firewall)
🔐 Recommendation
Pair Comodo WAF with Imunify360 for advanced protection, malware scanning, and AI-based heuristics.