• Our team is looking to connect with folks who use email services provided by Plesk, or a premium service. If you'd like to be part of the discovery process and share your experiences, we invite you to complete this short screening survey. If your responses match the persona we are looking for, you'll receive a link to schedule a call at your convenience. We look forward to hearing from you!
  • We are looking for U.S.-based freelancer or agency working with SEO or WordPress for a quick 30-min interviews to gather feedback on XOVI, a successful German SEO tool we’re looking to launch in the U.S.
    If you qualify and participate, you’ll receive a $30 Amazon gift card as a thank-you. Please apply here. Thanks for helping shape a better SEO product for agencies!
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

Search results

  1. Ehud

    Outgoing email messages not DKIM signed when enabled for a domain and in server settings

    As can be seen on the attached print screen, the domain is well configured to have emails signed by DKIM, and the option selected only prevents Incoming emails. Yet server, which by the email content, does use the postfix Plesk service, does NOT sign with the DKIM key. This is found by me to...
  2. Ehud

    Question ModSecurity Comodo no rule update for weeks?

    Can I force an update after a reported failed attempt due to mis-configuration of the service? And if so, how could this be achieved / done?
  3. Ehud

    Question Plesk notification emails SMTP

    This should be enabled, as the way the emails are sent, doe NOT enable adding DKIM signature, which leads them to spam, which might be a security issue. IMHO, Plesk should take more seriously ANY security exposure arising from its product, and QUICKLY enable sending srever alert emails with a...
  4. Ehud

    Outgoing email messages not DKIM signed when enabled for a domain and in server settings

    I find the reported issue as a Plesk BUG, and not a feature request, as it poses a security risk, where one implementing a strict DMARC policy won't see an alert going to spam, or in order to get alerts, might loosen the strict DMARC security policy. I expect Plesk to provide a walk around to...
  5. Ehud

    Issue Imunify Webshield not uninstalled

    Can you please say, what was their solution?
  6. Ehud

    Apache (internal dummy connection) flooded logs

    Hi @SalvadorS, You may also read more about this kind of attack, attempt at exploiting the shellshock vulnerability, over here: https://www.johndstech.com/tag/modsecurity/ https://www.skepticism.us/posts/2015/05/new-in-your-face-malware-attacks-me-ringing-at-your-dorbell/
  7. Ehud

    Apache (internal dummy connection) flooded logs

    Hi SalvadorS, To the best of my understanding these are records of the Apache2 server being accessed via IP. This could be local server owns access, or others trying to access your server that way. The log file is: other_vhosts_access.log See that log listed on the Plesk Support KB article...
  8. Ehud

    Question Rate limiting on Ngnix

    Hi Igor, Thanks! Can you please advise regarding the rate requested which is requests per time: limit_req_zone $binary_remote_addr zone=mylimit:10m rate=10r/s; As in: Module ngx_http_limit_req_module NGINX Rate Limiting
  9. Ehud

    Question Integrating AbuseIPDB RealTime IP Check, possibly using ModSecurity and LUA

    I have managed to walk-around a problem, where I could not make the BASH script return a STDOUT value to the SecRule. I did so, by first writing BAD IPs to a log file, and then, testing in a second rule if an IP is on the file. I have also created SecRule generating sessionID. I still haven't...
  10. Ehud

    Question Integrating AbuseIPDB RealTime IP Check, possibly using ModSecurity and LUA

    SecRule needs some modification.
  11. Ehud

    Question Integrating AbuseIPDB RealTime IP Check, possibly using ModSecurity and LUA

    Eureka! It now works as a charm. The last modification needed, was the change of the script permissions to be 755: The ModSecurity rule, which currently works, fast as a lightening. Due to the broad nature of the abuseipdb, this SecRule is one of the strongest and thin cyber security...
  12. Ehud

    Question Integrating AbuseIPDB RealTime IP Check, possibly using ModSecurity and LUA

    I would adjust, so the checking of an IP would be done only once, within a timeframe. If IP is Ok, server is good. And if IP is blocked.. well, it would be blocked by the FireWall, as of its next connection... And not that this is the only server protection... However, out of the 0.1% attacks...
  13. Ehud

    Question Integrating AbuseIPDB RealTime IP Check, possibly using ModSecurity and LUA

    Hi John, Thanks. I understand this aspect, and intended to observe it, or to, some how, serve an Ok, and test the IPs off-line a few seconds later, when still relevant to their activity. However, due to the fact most attacks rotate their IPs, and rarely use them again on the same target, a...
  14. Ehud

    Question Integrating AbuseIPDB RealTime IP Check, possibly using ModSecurity and LUA

    Hi, For the last couples of days I'm struggling with having ModSecurity execute a bash script. This script dynamically checks an IP against abuseIPDB. The script works if activated as a stand alone, however fails, when called from a ModSecurity rule. When run on its own I insert a specific IP...
  15. Ehud

    Question Integrating AbuseIPDB RealTime IP Check, possibly using ModSecurity and LUA

    Hi, The below is the checking part of the referred script. I'll start checking if and how may I use it. May I ask if you would have any thoughts regarding adjustment to the below code, that will make it suitable for running via a ModSecurity rule?
  16. Ehud

    Question Integrating AbuseIPDB RealTime IP Check, possibly using ModSecurity and LUA

    Would you say, such script can be called by ModSecurity using the @inspectFile directive? https://github.com/ShaneOss/AbuseIPDB-cPanel-CSF/blob/master/checkipabuseipdb.sh
  17. Ehud

    Question Integrating AbuseIPDB RealTime IP Check, possibly using ModSecurity and LUA

    Hi Mark, Thanks! I became aware of that option, however Plesk Support recommendation is not to use CSF in parallel to the Plesk Fire Wall.
  18. Ehud

    Question Integrating AbuseIPDB RealTime IP Check, possibly using ModSecurity and LUA

    Hi, I would like to check IPs connecting ports as 80 and 443, on real-time, against data base of abusing IPs, as abuseupdb.com. I have an API key, which allows curl checks. A test may look like this: Where the results would look like this: I also use ModSecurirty, that enables LUA...
    • Ehud
    • Thread
    • abuseipdb csf dynamic fail2ban firewall integration script modesecurity modesecurity ban ip remote_addr
    • Replies: 12
    • Forum: Plesk Obsidian for Linux
  19. Ehud

    Question AbuseIPDB with Fail2Ban

    Regarding the file: Note 3: Make sure to place your API key at its bottom:
  20. Ehud

    Question AbuseIPDB with Fail2Ban

    Hi, This is now possible. First create an account and get an API key from: https://www.abuseipdb.com/account The create the file: Place in the content: Note: the "" around 'comment=<matches>' were changed to single quotes ''. Note: the curl --tlsv1.2 --fail...
Back
Top