• We value your experience with Plesk during 2024
    Plesk strives to perform even better in 2025. To help us improve further, please answer a few questions about your experience with Plesk Obsidian 2024.
    Please take this short survey:

    https://pt-research.typeform.com/to/AmZvSXkx
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.

modsecurity

  1. I

    Issue CloudFlare with modsecurity problem

    I installed the Plesk, after days not working, not reachable sites. In the logs I see the modsecurity blocked attackers (yet CloudFlare IP adresses) and nobody can visit the sites... I don´t know why at 21th century is not integrated there CloudFlares real IP getting... I must completely disable...
  2. A

    Question Plesk IM360 and ModSec

    I am having an issue with one of my server's IM360 ModSecurity Rule sets. I have another server with identical configuration (so I thought) where this issue is not present. The Issue: IM360 is configured and appears to be working fine. Fail to ban is OFF. Modsecurity is configured to use IM360...
  3. Oldiesmann

    Resolved shrinker.py: no such file or directory

    I've been getting emails related to a cron job which is apparently supposed to call a Python script to shrink the ModSecurity SDBM database (at least I assume that's what it's for since I found a similar utility on GitHub). Originally I was getting an error saying that the path to the python...
  4. phonia

    Issue Advanced ModSecurity Rules by Atomicorp missing in plesk control panel

    I installed the Advanced ModSecurity Rules by Atomicorp extension, purchased the license. The rules of Advanced ModSecurity Rules by Atomicorp in the Modsecurity panel (web application firewall) does not appear. I have tried uninstalling and reinstalling modsecurity but the problem remains.
  5. U

    Issue Error message ID 19494#0, 5467#0 and ModSecurity

    Dear support team, dear community. I'm new and I have some questions and I ask for your valued help as I still lack some experience. I get these error messages in the logs below. I read to use SSL it on the first two errors, which I do. Nevertheless, these error messages keep coming for all...
  6. S

    How do I properly configure the "Web Application Firewall" rules for a WordPress site so that there is no 500 Internal Server Error?

    I have a website hosted by Goodhost.kz with Plesk control panel. The site is built on WordPress using Elementor. Yesterday, when saving changes to the site through Elementor, there was a "500 Error". Also, there was a "500 Internal Server Error" error when logging into the WordPress admin panel...
  7. A

    Issue ModSecurity Rule in custom directives ignored

    Hello, I have Mod security enabled on the server. Recently, we've been getting daily bots from cortex/1.0 bot (faceboook). WAF is on and set to comdo Free, and predefined to FAST. I have added some custom rules in the custom directives to limit that user-agent, from a solution I saw online used...
  8. S

    Issue Tools -> Web Application Firewall (ModSecurity) endless loading..

    OS: CentOS Linux 7.9.2009 (Core) Plesk Obsidian Version 18.0.38 The configuration page in Tools: ModSecurity always worked. But yesterday i found a problem. I had to change something in modsecurity. But yesterday i open: Tools -> Web Application Firewall (ModSecurity). The page is endless...
  9. Marc D.

    Issue ModSecurity : collections_remove_stale: Failed deleting collection

    Hello, With mod_security enabled (in detection mode only, in conjunction with fail2ban) we've got a lot of errors of this type : "collections_remove_stale: Failed deleting collection (name "ip", key "xxxxx"): Internal error (specific information not available) Apache-Error: [file...
  10. T

    Issue fail2ban.ipdns warning

    After updating from Onyx on two separate servers I'm receiving the following message in my fail2ban logs: 2020-02-25 09:32:00,864 fail2ban.filter [9022]: INFO [plesk-modsecurity] Found 107.77.207.56 - 2020-02-25 09:32:00 2020-02-25 11:20:40,767 fail2ban.ipdns [9022]: WARNING Unable...
  11. S

    Question Modsecurity + GeoIP rule not working

    I'm trying to get the following rule to work but it seems to do nothing: # Test IP address and block by country code SecGeoLookupDb /usr/share/GeoIP/GeoIP.dat SecRule REMOTE_ADDR "@geoLookup" "chain,id:20,drop,msg:'Block China IP address'" SecRule GEO:COUNTRY_CODE "@streq CN HK" I have had the...
  12. Wiz

    Issue REPOSTED in REPORTS - Bug with Plesk's Modsecurity v2.9.3

    Hello, I wish to report a bug, and the fix, in the current released version of Plesk's modsecurity package version which is causing a segmentation fault in apache under Plesk Obsidian/Debian 9. /var/log/apache2# apt-cache policy libapache2-modsecurity-plesk libapache2-modsecurity-plesk...
  13. A

    Issue From past 3 days, getting a lot of Spam Traffic from US, How to Block?

    Before I go ahead let me mention couple of things, I'm having a dedicated server with CentOS 7, Plesk Onyx Web Pro Edition with Firewall, Fail2Ban & Modsecurity switched ON and nginx as my main webserver. (Not using Apache) From past 3 days, all of a sudden there was a spike in traffic and it...
  14. Jllynch

    Resolved Disabling Modsec rule not working

    We've tried disabling a Modsecurity rule both ways as per the knowledge base but it keep triggering. Any ideas? How to disable a single ModSecurity rule for a website? OS ‪CentOS Linux 7.6.1810 (Core)‬ Product Plesk Onyx Version 17.8.11 Update #56,
  15. P

    Issue Modsecurity event id 1

    I am having this error: The description for Event ID 1 from source ModSecurity cannot be found. Either the component that raises this event is not installed on your local computer or the installation is corrupted. You can install or repair the component on the local computer. SecReadStateLimit...
  16. M

    Issue modsecurity block wordpress admins

    I read the howto to find out the ID .. but in my logfile there is to this event no ID.. how can I stop the admins from being blocked? --13f9e059-A-- [09/Apr/2019:17:09:57 +0200] XKy1wVdi8vEAAEi-kCsAAAAA xx.xx.xx.xx 53359 xx.xx.xx.xx 7081 --13f9e059-B-- POST /wp-admin/admin-ajax.php HTTP/1.0...
  17. T

    Issue modsecurity update error

    Hello, I am using the plesk panel in centos 7 and I have the error of the image, could you help me with this error? Thank you
  18. B

    Resolved Mod_Security Error Response body too large

    Hello, I use Plesk on Ubuntu and installed Mod_Security with Comodo ModSecurity subscription. I also set "Predefined Set Of Values" to THOROUGH. For large pages it returns an Error 500 page. The mod_security log file says: Message: Output filter: Response body too large (over limit of...
  19. V

    Issue Atomic ModSecurity No valid configurations found. Please run: /var/asl/bin/asl -c stderr

    Hi there I'm seeing the following error: Atomic ModSecurity No valid configurations found. Please run: /var/asl/bin/asl -c stderr while trying to enable Mod Security on a fresh CentOS 7 server, Plesk Onyx 17.8.11. Any input on how to solve the problem? Thanks!
  20. J

    Issue ModSecurity: returns default Apache test page - not 403

    Hello All! I have installed ModSecurity with basic atomic rules. The module is running, the log file contains error messages etc. The problem is that testing url mydomain.com/?abc=../../ is captured by ModSecurity, but returns the default Apache test page instead of 403 error: Apache 2 Test...
Back
Top