modsecurity

OS: CentOS Linux 7.9.2009 (Core) Plesk Obsidian Version 18.0.38 The configuration page in Tools: ModSecurity always worked. But yesterday i found a problem. I had to change something in modsecurity. But yesterday i open: Tools -> Web Application Firewall (ModSecurity). The page is endless...

Hello, With mod_security enabled (in detection mode only, in conjunction with fail2ban) we've got a lot of errors of this type : "collections_remove_stale: Failed deleting collection (name "ip", key "xxxxx"): Internal error (specific information not available) Apache-Error: [file...

After updating from Onyx on two separate servers I'm receiving the following message in my fail2ban logs: 2020-02-25 09:32:00,864 fail2ban.filter [9022]: INFO [plesk-modsecurity] Found 107.77.207.56 - 2020-02-25 09:32:00 2020-02-25 11:20:40,767 fail2ban.ipdns [9022]: WARNING Unable...

I'm trying to get the following rule to work but it seems to do nothing: # Test IP address and block by country code SecGeoLookupDb /usr/share/GeoIP/GeoIP.dat SecRule REMOTE_ADDR "@geoLookup" "chain,id:20,drop,msg:'Block China IP address'" SecRule GEO:COUNTRY_CODE "@streq CN HK" I have had the...

Hello, I wish to report a bug, and the fix, in the current released version of Plesk's modsecurity package version which is causing a segmentation fault in apache under Plesk Obsidian/Debian 9. /var/log/apache2# apt-cache policy libapache2-modsecurity-plesk libapache2-modsecurity-plesk...

Before I go ahead let me mention couple of things, I'm having a dedicated server with CentOS 7, Plesk Onyx Web Pro Edition with Firewall, Fail2Ban & Modsecurity switched ON and nginx as my main webserver. (Not using Apache) From past 3 days, all of a sudden there was a spike in traffic and it...

We've tried disabling a Modsecurity rule both ways as per the knowledge base but it keep triggering. Any ideas? How to disable a single ModSecurity rule for a website? OS ‪CentOS Linux 7.6.1810 (Core)‬ Product Plesk Onyx Version 17.8.11 Update #56,

I am having this error: The description for Event ID 1 from source ModSecurity cannot be found. Either the component that raises this event is not installed on your local computer or the installation is corrupted. You can install or repair the component on the local computer. SecReadStateLimit...

I read the howto to find out the ID .. but in my logfile there is to this event no ID.. how can I stop the admins from being blocked? --13f9e059-A-- [09/Apr/2019:17:09:57 +0200] XKy1wVdi8vEAAEi-kCsAAAAA xx.xx.xx.xx 53359 xx.xx.xx.xx 7081 --13f9e059-B-- POST /wp-admin/admin-ajax.php HTTP/1.0...

Hello, I am using the plesk panel in centos 7 and I have the error of the image, could you help me with this error? Thank you

Hello, I use Plesk on Ubuntu and installed Mod_Security with Comodo ModSecurity subscription. I also set "Predefined Set Of Values" to THOROUGH. For large pages it returns an Error 500 page. The mod_security log file says: Message: Output filter: Response body too large (over limit of...

Hi there I'm seeing the following error: Atomic ModSecurity No valid configurations found. Please run: /var/asl/bin/asl -c stderr while trying to enable Mod Security on a fresh CentOS 7 server, Plesk Onyx 17.8.11. Any input on how to solve the problem? Thanks!

Hello All! I have installed ModSecurity with basic atomic rules. The module is running, the log file contains error messages etc. The problem is that testing url mydomain.com/?abc=../../ is captured by ModSecurity, but returns the default Apache test page instead of 403 error: Apache 2 Test...

Plesk Onyx v17.8.11_build1708180301.19 os_Ubuntu 16.04 I've recently noticed the following in my modsec_audit.log: Message: collection_store: Failed to access DBM file "/var/asl/data/msa/ip": Permission denied Apache-Error: [file "apache2_util.c"] [line 273] [level 3] [client xxx.xxx.xxx.xxx]...

When I logged in to Plesk, ModSecurity errors have been warned of last week. How can I resolve the errors below? Is this a ModSecurity side or a Collabora Repo side? I tried recreating Collabora Repo. I was able to update with yum update without problems. This itself exists. Please help.

Hello; I have issues installing Atomic Basic ModSecurity, below is the error message i got. i use plesk 17.8.11 and debian 9 Failed to install the ModSecurity rule set: modsecurity_ctl failed: gpg: directory '/var/lib/plesk/modsec/.gnupg' created gpg: keybox...

Hi Pleskians, yesterday i installed a fresh Debian 9.4 installation to check the new Plesk Onyx 17.8.11. Everything runs fine, except for the error named in title. I really don't know what i can do. I'm not able to activate the Web Application Firewall with the Atomic ModSecurity Ruleset (Free...

Hi, i had this some while ago, where I excluded a ModSec Rule. But this OVIOUSLY is not working. I must say - i am very annoyed. As my last Post regarding Mailbox Outgoing Control is NOT working and no answer. Now I find another Problem on another Server and gues what: NOT WORKING. So the...

The average amount of memory per process seems way to high. Is there a way to crank this down? I am on a instance with 15GB of memory and 4 cores Running Cloudlinux. Already disabled perl and a couple other modules I know I don't need. Do I need the proxy and ldap modules? Thanks.

Am running Plesk 12.5.30 on Centos 7 I just changed my Modsecurity to the Comodo ruleset. This seemed to work fine initially but now the log is full of errors like this: Message: collections_remove_stale: Failed deleting collection (name "ip", key...