Recent content by klodoma

Thanks for the feedback. This is no good news for Nginx with ModSecurity.

@Kulturmensch Off topic, but DID YOU managed to get Nginx work with ModSecurity? I set it up, see the setup and all is in there, but there is no filtering, reporting, blocking or whatsoever.

I have modsecurity setup with apache and it works. I tried to setup modSecurity with nginx but nothing happens when enabled. It looks like it's not activated at all. I tried enabled/disabled, report only all modes, nothing. I test it with some simple injection queries which are blocked when...

Thank you for the Info, it's a good starting point.

Hi Forum I would like to ask if there is a upgrade/log/plan for ModSecurity for Plesk? On 20.06 we received a Plesk update which upgraded ModSecurity from 3.6.* to 4.2.0 and this caused major issues in our setup. We have several custom rules and nothing worked properly anymore. My Questions...

I cannot install Fail2Ban, any ideas? Plesk ObsidianVersion 18.0.40

I have enabled MFA (Google Authenticator) but it works only for "Administrator Accounts" that you create under Tools&Settings > Additional Administrator Accounts. If I create a normal Administrator User in the Users list, then it doesn't work. I get an error. Screenshots attached.

Overview after the domains were deleted:

Username: TITLE Domain delete, delete all domains linked to the account, without any confirmation PRODUCT, VERSION, OPERATING SYSTEM, ARCHITECTURE Plesk Obsidian 18.0.39, CentOS Linux 7.9.2009 (Core) PROBLEM DESCRIPTION We have a setup with domains, and subdomains, all linked to...

Ok, I deleted /usr/local/psa/admin/plib/modules/ssh-terminal folder, seems to be gone now. Not sure though if this is the best way.

I have 2 VPS servers where I tried to disable the `plesk-ssh-terminal` Following this thread: Question - Why is `plesk-ssh-terminal` running? and this link: How to disable root access via the SSH Terminal extension for the Plesk administrator? I did all the required steps. On one server the...

I would agree that this should run if you install the Plesk extension, but it runs by "default" which I don't think it is nice. And in order to disable it, you have to go on every server and disable it. Maybe it has some benefits to run, didn't digged into it to deep.

I kind of agree. Or somehow make it more transparent and even simple to disable it.

From the CSF/LDF Firewall I start getting these notifications: Time: Mon Sep 20 13:00:26 2021 +0200 Account: plesk-ssh-terminal Resource: Process Time Exceeded: 109277 > 1800 (seconds) Executable: /opt/psa/admin/plib/modules/ssh-terminal/libexec/plesk-ssh-terminal Command...

Same here. grafana-server -v Version 8.0.2 (commit: 5c5d45e19f, branch: HEAD)