In order to detect and prevent attacks against web applications, the web
application firewall (ModSecurity) checks all requests to your web
server and related responses from the server against its set of rules.
If the check succeeds, the HTTP request is passed to website to retrieve
the content. If the check fails, the predefined actions are performed.
ModSecurity is supported in both Plesk for Linux and for Windows. It
works as a web server (Apache or IIS) module.
To turn on the web application firewall:
Go to Tools & Settings > Web Application Firewall
(ModSecurity) (in the Security group).
If you do not see this link, install the ModSecurity component in
Tools & Settings > Updates > Add/Remove
Components > Web hosting group.
Set the web application firewall mode to On or Detection
only. Each incoming HTTP request and the related response will be
checked against a set of rules. If the check succeeds, the HTTP
request will be passed to web site to retrieve the content. If the
check fails, the event will be logged. In the Detection only
mode, no other actions will be performed. In the On mode, the
HTTP response will be provided with an error code.
Note: The web application firewall modes can be set on the server and
domain levels. However, the domain level mode cannot be higher
than the mode set for the server. For example, if the web
application firewall is working in Detection only mode on the
server level, you will not be able to turn it to On for
domains. Only Off and Detection only modes will be shown.
Select the set of rules that will be checked by the web application
firewall engine for each incoming HTTP request, or upload a custom
rule set. You can select the following rule sets:
Atomic Basic ModSecurity. A free starter version of the Atomic
ModSecurity rules, bundled with Plesk. It contains important
security features and bug fixes released on a monthly basis. For
rules included in this rule set, see <a class="reference internal" href="/en-US/obsidian/administrator-guide/server-administration/web-application-firewall-modsecurity/…