• Our team is looking to connect with folks who use email services provided by Plesk, or a premium service. If you'd like to be part of the discovery process and share your experiences, we invite you to complete this short screening survey. If your responses match the persona we are looking for, you'll receive a link to schedule a call at your convenience. We look forward to hearing from you!
  • We are looking for U.S.-based freelancer or agency working with SEO or WordPress for a quick 30-min interviews to gather feedback on XOVI, a successful German SEO tool we’re looking to launch in the U.S.
    If you qualify and participate, you’ll receive a $30 Amazon gift card as a thank-you. Please apply here. Thanks for helping shape a better SEO product for agencies!
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

modsecurity

  1. B

    Issue ModSecurity rule exception not working

    I need to make requests to the server via python scripts. This is prevented by default through ModSecurity Rule 913101 (User-Agent associated with scripting/generic HTTP client). To keep the highest level of security, I want to allow python requests only from certain IP addresses. For this...
  2. K

    Question ModSecurity Atomic rule set on Debian 11

    Hi In the Plesk Help Center, in the article 'Does Plesk support Debian 11' it is stated that ModSecurity Atomic rule set is not supported. Is there any prospect in supporting the (Advanced) Atomic rule set on Debian 11? What rule set do you use / advice? Thanks Kris
  3. S

    Resolved FORBIDDEN ACCESS

    Hello everybody, Some of my website visitor are getting FORBIDDEN ACCESS DENIED on my website. below is the information on modsecurity log: 15708555501342031954 141.101.107.81 80 127.0.0.1 80 --43640000-B-- GET /favicon.ico HTTP/1.1 Connection: Keep-Alive Accept...
  4. I

    Issue CloudFlare with modsecurity problem

    I installed the Plesk, after days not working, not reachable sites. In the logs I see the modsecurity blocked attackers (yet CloudFlare IP adresses) and nobody can visit the sites... I don´t know why at 21th century is not integrated there CloudFlares real IP getting... I must completely disable...
  5. A

    Question Plesk IM360 and ModSec

    I am having an issue with one of my server's IM360 ModSecurity Rule sets. I have another server with identical configuration (so I thought) where this issue is not present. The Issue: IM360 is configured and appears to be working fine. Fail to ban is OFF. Modsecurity is configured to use IM360...
  6. Oldiesmann

    Resolved shrinker.py: no such file or directory

    I've been getting emails related to a cron job which is apparently supposed to call a Python script to shrink the ModSecurity SDBM database (at least I assume that's what it's for since I found a similar utility on GitHub). Originally I was getting an error saying that the path to the python...
  7. phonia

    Issue Advanced ModSecurity Rules by Atomicorp missing in plesk control panel

    I installed the Advanced ModSecurity Rules by Atomicorp extension, purchased the license. The rules of Advanced ModSecurity Rules by Atomicorp in the Modsecurity panel (web application firewall) does not appear. I have tried uninstalling and reinstalling modsecurity but the problem remains.
  8. U

    Issue Error message ID 19494#0, 5467#0 and ModSecurity

    Dear support team, dear community. I'm new and I have some questions and I ask for your valued help as I still lack some experience. I get these error messages in the logs below. I read to use SSL it on the first two errors, which I do. Nevertheless, these error messages keep coming for all...
  9. S

    How do I properly configure the "Web Application Firewall" rules for a WordPress site so that there is no 500 Internal Server Error?

    I have a website hosted by Goodhost.kz with Plesk control panel. The site is built on WordPress using Elementor. Yesterday, when saving changes to the site through Elementor, there was a "500 Error". Also, there was a "500 Internal Server Error" error when logging into the WordPress admin panel...
    • salauatamet
    • Thread
    • 500 internal server error apache elementor modsecurity wordpress wordpress admin
    • Replies: 2
    • Forum: WP Toolkit
  10. A

    Issue ModSecurity Rule in custom directives ignored

    Hello, I have Mod security enabled on the server. Recently, we've been getting daily bots from cortex/1.0 bot (faceboook). WAF is on and set to comdo Free, and predefined to FAST. I have added some custom rules in the custom directives to limit that user-agent, from a solution I saw online used...
  11. S

    Issue Tools -> Web Application Firewall (ModSecurity) endless loading..

    OS: CentOS Linux 7.9.2009 (Core) Plesk Obsidian Version 18.0.38 The configuration page in Tools: ModSecurity always worked. But yesterday i found a problem. I had to change something in modsecurity. But yesterday i open: Tools -> Web Application Firewall (ModSecurity). The page is endless...
  12. Marc D.

    Issue ModSecurity : collections_remove_stale: Failed deleting collection

    Hello, With mod_security enabled (in detection mode only, in conjunction with fail2ban) we've got a lot of errors of this type : "collections_remove_stale: Failed deleting collection (name "ip", key "xxxxx"): Internal error (specific information not available) Apache-Error: [file...
  13. T

    Issue fail2ban.ipdns warning

    After updating from Onyx on two separate servers I'm receiving the following message in my fail2ban logs: 2020-02-25 09:32:00,864 fail2ban.filter [9022]: INFO [plesk-modsecurity] Found 107.77.207.56 - 2020-02-25 09:32:00 2020-02-25 11:20:40,767 fail2ban.ipdns [9022]: WARNING Unable...
  14. S

    Question Modsecurity + GeoIP rule not working

    I'm trying to get the following rule to work but it seems to do nothing: # Test IP address and block by country code SecGeoLookupDb /usr/share/GeoIP/GeoIP.dat SecRule REMOTE_ADDR "@geoLookup" "chain,id:20,drop,msg:'Block China IP address'" SecRule GEO:COUNTRY_CODE "@streq CN HK" I have had the...
  15. Wiz

    Issue REPOSTED in REPORTS - Bug with Plesk's Modsecurity v2.9.3

    Hello, I wish to report a bug, and the fix, in the current released version of Plesk's modsecurity package version which is causing a segmentation fault in apache under Plesk Obsidian/Debian 9. /var/log/apache2# apt-cache policy libapache2-modsecurity-plesk libapache2-modsecurity-plesk...
  16. A

    Issue From past 3 days, getting a lot of Spam Traffic from US, How to Block?

    Before I go ahead let me mention couple of things, I'm having a dedicated server with CentOS 7, Plesk Onyx Web Pro Edition with Firewall, Fail2Ban & Modsecurity switched ON and nginx as my main webserver. (Not using Apache) From past 3 days, all of a sudden there was a spike in traffic and it...
  17. Jllynch

    Resolved Disabling Modsec rule not working

    We've tried disabling a Modsecurity rule both ways as per the knowledge base but it keep triggering. Any ideas? How to disable a single ModSecurity rule for a website? OS ‪CentOS Linux 7.6.1810 (Core)‬ Product Plesk Onyx Version 17.8.11 Update #56,
  18. P

    Issue Modsecurity event id 1

    I am having this error: The description for Event ID 1 from source ModSecurity cannot be found. Either the component that raises this event is not installed on your local computer or the installation is corrupted. You can install or repair the component on the local computer. SecReadStateLimit...
  19. M

    Issue modsecurity block wordpress admins

    I read the howto to find out the ID .. but in my logfile there is to this event no ID.. how can I stop the admins from being blocked? --13f9e059-A-- [09/Apr/2019:17:09:57 +0200] XKy1wVdi8vEAAEi-kCsAAAAA xx.xx.xx.xx 53359 xx.xx.xx.xx 7081 --13f9e059-B-- POST /wp-admin/admin-ajax.php HTTP/1.0...
  20. T

    Issue modsecurity update error

    Hello, I am using the plesk panel in centos 7 and I have the error of the image, could you help me with this error? Thank you
Back
Top