In order to detect and prevent attacks against web applications, the web
application firewall (ModSecurity) checks all requests to your web
server and related responses from the server against its set of rules.
If the check succeeds, the HTTP request is passed to the website to retrieve
the content. If the check fails, the predefined actions are performed.
ModSecurity is supported in both Plesk for Linux and for Windows. It
works as a web server (Apache or IIS) module.
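
A failed check leaves a record in the web server's error log, and the record shows whether the request was only logged (as in the Detection only mode described below) or answered with an error code (as in the On mode). The following is an added example, not part of the Plesk documentation: it assumes the Apache error-log line format written by ModSecurity 2.x, and the sample lines, host names, rule IDs and function names are constructed for illustration.

```python
import re
from collections import Counter

# Constructed sample lines (Apache error-log style, ModSecurity 2.x assumed);
# host names, rule ids and messages are made up for this example.
SAMPLE_LOG = '''\
[Tue Mar 05 10:01:02 2024] [:error] [pid 811] [client 203.0.113.7] ModSecurity: Warning. Pattern match "select.+from" at ARGS:q. [file "/etc/modsec/rules.conf"] [line "12"] [id "900001"] [msg "Constructed SQLi rule"] [hostname "shop.example.com"] [uri "/search"] [unique_id "AAA1"]
[Tue Mar 05 10:01:09 2024] [:error] [pid 811] [client 203.0.113.7] ModSecurity: Warning. Pattern match "select.+from" at ARGS:q. [file "/etc/modsec/rules.conf"] [line "12"] [id "900001"] [msg "Constructed SQLi rule"] [hostname "shop.example.com"] [uri "/search"] [unique_id "AAA2"]
[Tue Mar 05 10:02:30 2024] [:error] [pid 812] [client 198.51.100.4] ModSecurity: Access denied with code 403 (phase 2). Pattern match "<script" at ARGS:comment. [file "/etc/modsec/rules.conf"] [line "20"] [id "900002"] [msg "Constructed XSS rule"] [hostname "blog.example.com"] [uri "/view"] [unique_id "AAA3"]
[Tue Mar 05 10:02:31 2024] [core:error] [pid 812] [client 198.51.100.4] File does not exist: /var/www/favicon.ico
[Tue Mar 05 10:03:00 2024] [:error] [pid 811] [client 203.0.113.9] ModSecurity: Warning. Pattern match "union.+select" at ARGS:id. [file "/etc/modsec/rules.conf"] [line "31"] [id "900003"] [msg "Constructed SQLi rule 2"] [hostname "shop.example.com"] [uri "/item"] [unique_id "AAA4"]
'''
EVENT = re.compile(r'ModSecurity: (?:Warning|Access denied with code (?P<code>\d{3}))')
FIELD = re.compile(r'\[(\w+) "((?:[^"\\]|\\.)*)"\]')  # [name "value"] metadata pairs

def parse_events(text):
    """Return one dict per ModSecurity event line; other log lines are skipped."""
    events = []
    for line in text.splitlines():
        m = EVENT.search(line)
        if not m:
            continue
        fields = dict(FIELD.findall(line[m.end():]))
        code = m.group("code")
        events.append({
            "outcome": "denied" if code else "logged_only",
            "status": int(code) if code else None,
            "rule_id": fields.get("id"),
            "hostname": fields.get("hostname"),
            "uri": fields.get("uri"),
        })
    return events

def summarize(events):
    """Count events per (hostname, rule_id, outcome)."""
    return Counter((e["hostname"], e["rule_id"], e["outcome"]) for e in events)

def rules_to_review(events):
    """Per domain, rule ids that only logged: check these for false positives."""
    review = {}
    for e in events:
        if e["outcome"] == "logged_only":
            review.setdefault(e["hostname"], set()).add(e["rule_id"])
    return review

if __name__ == "__main__":
    for key, n in sorted(summarize(parse_events(SAMPLE_LOG)).items()):
        print(n, *key)
```

A `Warning` entry can also come from a rule that is configured to log without blocking, so read `logged_only` as "no error code was returned" rather than as proof of the firewall mode.
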
Turning on ModSecurity
To turn on the web application firewall:
- Go to Tools & Settings > Web Application Firewall (ModSecurity)
  (in the Security group). If you do not see this link, install the
  ModSecurity component in Tools & Settings > Updates > Add/Remove
  Components > Web hosting group.
- Set the web application firewall mode to On or Detection only.
  Each incoming HTTP request and the related response will be
  checked against a set of rules. If the check succeeds, the HTTP
  request will be passed to the website to retrieve the content. If the
  check fails, the event will be logged. In the Detection only
  mode, no other actions will be performed. In the On mode, the
  HTTP response will be provided with an error code.

  Note: The web application firewall modes can be set on the server and
  domain levels. However, the domain level mode cannot be higher
  than the mode set for the server. For example, if the web
  application firewall is working in Detection only mode on the
  server level, you will not be able to turn it to On for
  domains. Only Off and Detection only modes will be shown.
- Select the set of rules that will be checked by the web application
  firewall engine for each incoming HTTP request, or upload a custom
  rule set. You can select the following rule sets:
  - Atomic Basic ModSecurity. A free starter version of the Atomic
    ModSecurity rules, bundled with Plesk. It contains important
    security features and bug fixes released on a monthly basis. For
 rules included in this rule set, see <a class="reference internal" href="/en-US/obsidian/administrator-guide/server-administration/web-application-firewall-modsecurity/…
 
-