• Please be aware: Kaspersky Anti-Virus has been deprecated
    With the upgrade to Plesk Obsidian 18.0.64, "Kaspersky Anti-Virus for Servers" will be automatically removed from the servers it is installed on. We recommend that you migrate to Sophos Anti-Virus for Servers.
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.
  • We’re working on enhancing the Monitoring feature in Plesk, and we could really use your expertise! If you’re open to sharing your experiences with server and website monitoring or providing feedback, we’d love to have a one-hour online meeting with you.

mod_security

  1. J

    Question No security solution for Plesk on Almalinux 8.5

    Hello, can somebody can help me with finding server security solution for Plesk with Almalinux wchich is reliable? Mod_security is available only with standard rule sets, wchich I believe aren't updated frequently, and by checking my log - I see it's blocking legit traffic as well. Immunify360...
  2. Sofie76

    Resolved Web Application Firewall for Ubuntu 16.04 (Hacking attacks)

    Hello, we are running Plesk Obsidian with Ubuntu 16.04.7 LTS. At the moment its not possible for us to switch to Ubuntu 18 or 20. In the last week we have many hacker attacks (SQL Inserts) against our server. We have the normal firewall (iptables) and failtoban active but this is not enough...
  3. ibertrix

    Question Enable/disable mod_security on subscriber panel

    I am new to Plesk Obsidian on ubuntu 20.04. I am realizing that I can enable/disable mod_security from the administrator panel for a certain domain/subscriber. But I don´t see where I can switch on/off that from the suscriber panel. Apparently that was an option in previous versions of Plesk...
  4. jbjones817

    Issue Atomicorp mod_security ruleset not available on Ubuntu 18.04 and Plesk Obsidian

    I purchased a license for the Atomic mod_security ruleset because let's face it, the OWASP rules are waaaay to restrictive for anyone running WordPress. However, when I go to Tools & Settings -> Web Application Firewall it's not even one of the listed options.
  5. nisamudeen97

    Question disable mod_scurity only for a domain ?

    Hi, We could see a mod_security preventing a subdomain from downloading data. We have more than 100 websites in the server and we don't want to disable it for only for certain domains. Is that posible in plesk onyx ? Can any one share the steps ? ModSecurity: [file...
  6. S

    Issue Modsecurity: collections_remove_stale: Failed deleting collection

    Am running Plesk 12.5.30 on Centos 7 I just changed my Modsecurity to the Comodo ruleset. This seemed to work fine initially but now the log is full of errors like this: Message: collections_remove_stale: Failed deleting collection (name "ip", key...
  7. M

    Resolved Web Application Firewall - mod_security

    Hi, i have two questions concerning the topic. 1) Can Custom Directives be set per Domain/Subdomain? For example "SecRequestBodyAccess off". Or is it only possible to globally set them in "Tools & Settings" - "Web Application Firewall (ModSecurity)" - "Change Rule Set"? 2) What's the correct...
  8. websavers

    Issue Mod_Security IP persistent storage massive

    This issue affects CentOS6 running mod_security-2.9.0-centos6.16102616.x86_64 From repo : PLESK_17_0_17-extras OS ‪CentOS 6.9 (Final)‬ Product Plesk Onyx Version 17.0.17 Update #28, last updated on June 23, 2017 04:09 AM The detected symptoms of the issue: - High CPU usage on servers with...
Back
Top