Plesk

Web Application Firewall (ModSecurity)

To detect and prevent attacks against web applications, the web
application firewall (ModSecurity) checks all requests to your web
server and related responses from the server against its set of rules.
If the check succeeds, the HTTP request is passed to the website to
retrieve the content. If the check fails, the predefined actions are
performed.

ModSecurity is supported in both Plesk for Linux and for Windows. It
works as a web server (Apache or IIS) module.

Turning on ModSecurity

To turn on the web application firewall:

  1. Go to Tools & Settings > Web Application Firewall (ModSecurity)
     (in the Security group).

    If you do not see this link, install the ModSecurity component in
    Tools & Settings > Updates > Add/Remove Components > Web hosting
    group.

  2. Set the web application firewall mode to On or Detection only.
    Each incoming HTTP request and the related response will be
    checked against a set of rules. If the check succeeds, the HTTP
    request will be passed to the website to retrieve the content. If
    the check fails, the event will be logged. In the Detection only
    mode, no other actions will be performed. In the On mode, the
    HTTP response will be provided with an error code.

    Note: The web application firewall modes can be set on the server and
    domain levels. However, the domain level mode cannot be higher
    than the mode set for the server. For example, if the web
    application firewall is working in Detection only mode on the
    server level, you will not be able to turn it to On for
    domains. Only Off and Detection only modes will be shown.

  3. Select the set of rules that will be checked by the web application
    firewall engine for each incoming HTTP request, or upload a custom
    rule set. You can select the following rule sets:

    • Atomic Basic ModSecurity. A free starter version of the Atomic
      ModSecurity rules, bundled with Plesk. It contains important
      security features and bug fixes released on a monthly basis. For
      rules included in this rule set, see <a class="reference internal" href="/en-US/obsidian/administrator-guide/server-administration/web-application-firewall-modsecurity/…
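
Step 2 says a failed check is logged in both modes and that only the On mode answers with an error code. The following added example (not part of the Plesk documentation) tallies logged events per domain and rule, which helps when reviewing Detection only results before switching a domain to On. It assumes the Apache error-log message style of ModSecurity 2.x ("ModSecurity: Warning." for a match that was only logged, "ModSecurity: Access denied with code NNN" for a blocked request); the sample lines, hostnames and rule ids are constructed.

```python
import re
from collections import Counter

# Constructed sample lines in the assumed ModSecurity 2.x / Apache error-log
# style. Hostnames, addresses and rule ids are made up for illustration.
SAMPLE_LOG = """\
[Mon Jan 01 10:00:01 2024] [:error] [client 203.0.113.5] ModSecurity: Warning. Pattern match "x" at ARGS:id. [id "100001"] [msg "SQLi probe"] [hostname "shop.example.com"] [uri "/item.php"]
[Mon Jan 01 10:00:02 2024] [:error] [client 203.0.113.5] ModSecurity: Warning. Pattern match "x" at ARGS:q. [id "100001"] [msg "SQLi probe"] [hostname "shop.example.com"] [uri "/search.php"]
[Mon Jan 01 10:00:03 2024] [:error] [client 198.51.100.7] ModSecurity: Access denied with code 403 (phase 2). Pattern match "y" at ARGS:p. [id "100002"] [msg "Path traversal"] [hostname "blog.example.com"] [uri "/view.php"]
[Mon Jan 01 10:00:04 2024] [core:notice] AH00094: Command line: '/usr/sbin/apache2'
"""

EVENT = re.compile(r'ModSecurity: (Warning|Access denied with code (\d{3}))')
FIELD = re.compile(r'\[(id|msg|hostname|uri) "((?:[^"\\]|\\.)*)"\]')


def parse_event(line):
    """Return a dict for a ModSecurity event line, or None for other lines."""
    m = EVENT.search(line)
    if not m:
        return None
    event = dict(FIELD.findall(line))
    # "Warning": the rule matched but the request was not blocked by it
    # (what Detection only produces). "Access denied": the request was
    # answered with an error code (On mode).
    event["action"] = "blocked" if m.group(2) else "logged_only"
    event["status"] = int(m.group(2)) if m.group(2) else None
    return event


def summarize(log_text):
    """Count events per (hostname, rule id, action)."""
    counts = Counter()
    for line in log_text.splitlines():
        ev = parse_event(line)
        if ev:
            key = (ev.get("hostname", "-"), ev.get("id", "-"), ev["action"])
            counts[key] += 1
    return counts


if __name__ == "__main__":
    for (host, rule, action), n in sorted(summarize(SAMPLE_LOG).items()):
        print(f"{host:20} rule {rule:8} {action:12} x{n}")
```

A rule that shows many logged_only hits on legitimate URLs is a candidate for review before the domain is moved from Detection only to On.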