HEX
Server: Apache/2
System: Linux nexus-01 4.18.0-553.120.1.el8_10.x86_64 #1 SMP Mon Apr 20 18:04:27 EDT 2026 x86_64
User: aglcoke (1118)
PHP: 8.2.31
Disabled: mail,exec,system,passthru,shell_exec,proc_close,proc_open,dl,popen,show_source,posix_kill,posix_mkfifo,posix_getpwuid,posix_setpgid,posix_setsid,posix_setuid,posix_setgid,posix_seteuid,posix_setegid,posix_uname
$ pwd: /usr/local/cwaf/rules/
Upload Files
File: //usr/local/cwaf/rules/01_Init_AppsInitialization.conf
# ---------------------------------------------------------------
# Comodo ModSecurity Rules
# Copyright (C) 2022 Comodo Security solutions All rights reserved.
#
# The COMODO SECURITY SOLUTIONS Mod Security Rule Set is distributed under
# THE COMODO SECURITY SOLUTIONS END USER LICENSE AGREEMENT,
# Please see the enclosed LICENCE file for full details.
# ---------------------------------------------------------------
# This is a FILE CONTAINING CHANGED or MODIFIED RULES FROM THE:
# OWASP ModSecurity Core Rule Set (CRS)
# ---------------------------------------------------------------

SecRule REQUEST_COOKIES_NAMES "@rx ^wordpress_(?:(?:sec|logged_in)_)?([0-9a-fA-f]{32})$" \
	"id:209580,msg:'COMODO WAF: Setting variable TX:WordPress for modsec3||%{tx.domain}|%{tx.mode}|2',phase:2,pass,setvar:'TX.WordPress=1',nolog,t:none,rev:1,severity:2,tag:'CWAF',tag:'AppsInitialization'"

SecRule REQUEST_COOKIES:/^[a-f0-9]{32}$/ "@rx ^(?:[a-z0-9]{26}|[a-z0-9]{32})$" \
	"id:209590,msg:'COMODO WAF: Setting variable TX:Joomla for modsec3||%{tx.domain}|%{tx.mode}|2',phase:2,pass,setvar:'TX.Joomla=1',nolog,t:none,rev:2,severity:2,tag:'CWAF',tag:'AppsInitialization'"

SecRule REQUEST_COOKIES_NAMES "@rx ^sess([0-9a-f]{32})$" \
	"id:209600,msg:'COMODO WAF: Setting variable TX.drupal for modsec3||%{tx.domain}|%{tx.mode}|2',phase:2,pass,setvar:'TX.drupal=1',nolog,t:none,t:lowercase,rev:1,severity:2,tag:'CWAF',tag:'AppsInitialization'"

SecRule &REQUEST_COOKIES:SenayanAdmin "@ge 1" \
	"id:209610,msg:'Setting variable TX.SLiMS_Akasia for modsec3||%{tx.domain}|%{tx.mode}|2',phase:2,pass,setvar:'TX.SLiMS_Akasia=1',nolog,t:none,t:lowercase,rev:1,severity:2,tag:'CWAF',tag:'AppsInitialization'"

SecRule REQUEST_COOKIES:/^INTELLI_/ "@rx ^[a-z0-9]{26}$" \
	"id:209620,msg:'Setting variable TX.Subrion_CMS for modsec3||%{tx.domain}|%{tx.mode}|2',phase:2,pass,setvar:'TX.Subrion_CMS=1',nolog,t:none,t:lowercase,rev:1,severity:2,tag:'CWAF',tag:'AppsInitialization'"

SecRule REQUEST_COOKIES_NAMES "@beginsWith s9y_" \
	"id:209630,chain,msg:'Setting variable TX.serendipity_admin for modsec3||%{tx.domain}|%{tx.mode}|2',phase:2,pass,nolog,t:none,t:lowercase,rev:1,severity:2,tag:'CWAF',tag:'AppsInitialization'"
SecRule MATCHED_VAR "@rx ^s9y_([0-9a-fA-f]{32})$" \
	"setvar:'TX.serendipity_admin=1'"

SecRule REQUEST_COOKIES:CONCRETE5 "@rx ^[0-9a-z]{26}$" \
	"id:209640,msg:'Setting variable TX.CONCRETE5=1 for modsec3||%{tx.domain}|%{tx.mode}|2',phase:2,pass,setvar:'TX.CONCRETE5=1',nolog,t:none,t:lowercase,rev:1,severity:2,tag:'CWAF',tag:'AppsInitialization'"

SecRule REQUEST_COOKIES:/^ADMIDIO_/ "@rx ^[0-9a-z]{26}$" \
	"id:209650,msg:'Setting variable TX.ADMIDIO=1 for modsec3||%{tx.domain}|%{tx.mode}|2',phase:2,pass,setvar:'TX.ADMIDIO=1',nolog,t:none,t:lowercase,rev:1,severity:2,tag:'CWAF',tag:'AppsInitialization'"

SecRule REQUEST_COOKIES:/^glpi_/ "@rx ^[a-z0-9]{26}$" \
	"id:209660,msg:'Setting variable TX.GLPI for modsec3||%{tx.domain}|%{tx.mode}|2',phase:2,pass,setvar:'TX.GLPI=1',nolog,t:none,t:lowercase,rev:2,severity:2,tag:'CWAF',tag:'AppsInitialization'"

SecAction \
	"id:219000,phase:2,pass,setvar:'tx.xmlrpc_watch_period=300',setvar:'tx.xmlrpc_requests_limit=5',setvar:'tx.xmlrpc_block_timeout=600',nolog"
@ Telegram