Knowledge Base

ModSecurity log is empty on Plesk server

 
apachemod securityplesk for linuxplesk serversecurity

Symptoms

  • Mod Security log /var/log/modsec_audit.log is empty;
  • The command below shows that ModSecurity is disabled:

    # /usr/local/psa/admin/bin/modsecurity_ctl -s
    Disabled

Cause

ModSecurity is not enabled on the server.

Resolution

  1. Log in the server via SSH.

    Note: if direct SSH access to the server is not possible, contact server administrator for further assistance.

  2. To enable Mod Security use the following command:

    # /usr/local/psa/admin/bin/modsecurity_ctl -e

  3. After that operation, /var/log/modsec_audit.log will be created in the following directory:

    # ls -la /var/log/modsec_audit.log
    -rw-r—– 1 root root 865608 Jun 29 09:37 /var/log/modsec_audit.log

Note: if ModSecurity is enabled and /var/log/modsec_audit.log is empty, it means that no attack/threads are detected.
OR
ModSecurity is set to Detection only and it writes to Apache logs.

Read the full article
Related Posts
Knowledge Base

Hosting Wiki

Industry
Partners

industry-partner_ALIBABA
industry-partner_GOOGLEPARTNER
industry-partner_MICROSOFT
industry-partner_REDHAT-r2
industry-partner_ALIBABA
industry-partner_AUTOMATTIC
industry-partner_AWS
industry-partner_DIGITALOCEAN
industry-partner_SCALEWAY

Follow us:

Facebook Twitter Linkedin Youtube Github

© 2023 Plesk International GmbH. All rights reserved. Plesk and the Plesk logo are trademarks of Plesk International GmbH.

Managed with love with Plesk WP Toolkit

Plesk uses LiveChat system (3rd party).

By proceeding below, I hereby agree to use LiveChat as an external third party technology. This may involve a transfer of my personal data (e.g. IP Address) to third parties in- or outside of Europe. For more information, please see our Privacy Policy.

Search
Generic filters
Exact matches only
Search in title
Search in content
Search in excerpt