modsecurity

Hi guys, i have Plesk installed on AlmaLinux 8.10 (Cerulean Leopard) with Plesk Obsidian 18.0.70. For some days now, ModSecurity (Atomicorp) has not been logging events for some domains to the modsec_audit.log file. However, the WAF is working correctly, as its actions are clearly shown in the...

Hi everybody, I’m experiencing an issue with the Web Application Firewall (ModSecurity) after purchasing the Atomic license. When attempting to enable the WAF using the “Atomic Advanced (bought from Plesk)” ruleset, I receive the following error: I’ve already tried: Reinstalling ModSecurity...

I’m planning to make a third attempt next week to install ModSecurity under Plesk. During the setup, there’s an option to choose whether ModSecurity should be applied to Nginx or Apache. Since I’m using Nginx as a reverse proxy in front of Apache, it’s unclear which option I should select.

I created exception security rule IDs and the next day they disappeared. I have : Comodo (free) (ModSecurity 2.9) updated daily

I have modsecurity setup with apache and it works. I tried to setup modSecurity with nginx but nothing happens when enabled. It looks like it's not activated at all. I tried enabled/disabled, report only all modes, nothing. I test it with some simple injection queries which are blocked when...

I just started to give modsecurity a second try but got this after re-installed it with plesk-installer. Starting with the configuration Nginx (Modsecurity 3.0) I get the following error: Changing the configuration from Nginx (Modsecurity 3.0) to Apache (Modesecurity 2.9) it starts without...

Hello since last update i have much trouble with my plesk installation Every night turn my plesk all the engines off apache and nginx and my websites are not resolvable i get then nginx500 bad gateway. It's seems to have problems with ModSecurity because if i go to my plesk i see a error...

After some problems with Modsecurity I removed it using Plesk installer (web interface). This seemed to work and now it is indicated as removed However in /etc/nginx/conf.d/ modsecurity.conf still exists with the following content: So it says Modsecurity is on and receives the configuration...

--0c650000-F-- HTTP/1.1 500 Internal Server Error --0c650000-H-- Message: Warning. Operator EQ matched 0 at REQUEST_HEADERS. [file "C:\/Program Files (x86)/Plesk/ModSecurity/rules/modsecurity_crs-plesk/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "1367"] [id "920320"] [msg "Missing User...

Hi Forum, We are using the Apache server in our production environment. To use ModSecurity V3 (libmodsecurity), we need to use the ModSecurity-apache connector. This project is under development and not production-ready. The functionality is not complete, so we cannot use use with Apache HTTP...

I have a problem when i try to active mod security in my server, i have that error: Can not restart web server: apache_control_adapter[843803]: graceful restart failed, perform full restartapache_control_adapter[843803]: apache_action(graceful): invoke_httpd_action failed, trying second...

Hi, As the title says when I try to use some directive in my vhost this one doesn't work, unlike when I write it in the main file. main file would be... /var/www/vhosts/system/domain/conf/httpd.conf vhost files would be... /var/www/vhosts/system/domain/conf/vhost_ssl.conf and vhost.conf (I...

Hi, is there a way to get the date ModSecurity was installed/enabled? I see the log files, but it looks like there is only a week's worth and I installed/enabled it before then. It wasn't installed on my Plesk installation, so I installed and activated the same date..perhaps I can determine...

Just want to check before I go ahead with this The youtube video above suggests disabling WAF (ModSecurity) if using Immunify360. I have a plesk server with 50+ websites hosted for clients. Is this something that is actually recommended to do?

In the process of upgrading to Obsidian, I had this conflict ; Exception: Failed to solve dependencies: plesk-modsecurity-configurator conflicts with mod_security-2.9.2-centos7.19091318.x86_64 I did remove mod_security thinking I would reinstall it after upgrade. Maybe I should have used the...

Hey everyone i have enabled modesecurity for my website using atomic corp rules. but when I update something on website using elementor keeping modsec on it gives me internal server error. if I turn off modsec and update it works fine. but I want to resolve this with modsec on. your help will be...

My current setup is Apache + ModSecurity with imunify360 ruleset. I want to run Nginx as a reverse proxy for Apache. Will I have to switch Mod security from Apache WAF to Nginx WAF with Imunify360 ruleset or do I keep Modsecurity as Apache? Is that supported?

Hi, I have a WCF site, that can't be called when ModSecurity is on. Found the description below in the EventViewer. Can this be solved? [client 46.39.122.103] ModSecurity: Access denied with code 403 (phase 1). Pattern match...

When entering this option we do not see any records, even though we have configured the tool to launch automatically daily at 06:25 every 60 minutes. When trying to launch the manual check, the following error appears: logparser failed: ERROR: Failed to construct 'audit-modsec-with-ts' step...

When I activate ModSecurity I have a problem with content types: [msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||app.domain.de|F|2"] [data "TX:0=application/merge-patch+json"] Where I find die file userdata_wl_content_type to add...