Question
- How to add a custom rule to Web Application Firewall (ModSecurity) in Plesk?
- Can I add a global custom rule to Web Application Firewall (ModSecurity) in Plesk?
Answer
1. Log in to Plesk
2. Go to Tools & Settings > Web Application Firewall (ModSecurity) > Settings tab
3. Ad the rule to the "Custom Directives" section
Note: For example, the following rule restricts access to any .php
file on domains:
SecRule REQUEST_URI ".*.php$" "id:555555,log,noauditlog,deny,status:403"
4. Press Apply