• Our team is looking to connect with folks who use email services provided by Plesk, or a premium service. If you'd like to be part of the discovery process and share your experiences, we invite you to complete this short screening survey. If your responses match the persona we are looking for, you'll receive a link to schedule a call at your convenience. We look forward to hearing from you!
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

How to Mod_security on plesk servers

I can't run blacklist.conf on freebsd5.5/Apache/2.0.59 either.
Any type of load at all will bring down apache and If not configured correctly will bring down the whole box. I am able to run all the rest of the gotroot rules just fine, only have to comment out blacklist.conf.
 
I'm making my own at this time, although we won't be supporting ASL 2.0 on RH9. I'm purely using it as a research platform at this time.

And yes, ASL is written on CentOS4, and then ported to the other platforms. So definitely, you'd want to run it on there.

We've managed to put together an alternate implementation for the blacklists that gets around the memory issues on the newer platforms. We basically moved that check into another application (not mod_security).
 
Hi,

I am considering purchasing this (and I know Im not in the right forums for this, but its a general quesetion) and saw above that there were some performance concerns with certain OS builds/Distros

Is there any problems with RHEL 4 that anyone knows about?
 
No, aside from the mentioned memory leak in 2.x. I do all my testing on CentOS4/RHEL4, so other than that one, I havent run into anything yet.
 
Hi atomicturlt - thanks for the reply.

I have one more question if you dont mind.

I use apache 2.0, and already have mod_security 2.x installed on the server. Would that need to be removed in order to install the ASL or can it work in conjunction with what is there?
 
Yeah, it would need to be removed. I had to modify the reporting format to integrate with the SIM. Without it you won't be able to do cross-event IDS correlation.
 
I'm sure that the ASL is worth every penny it and everyone else says it is, but for those of you who dont like purchasing things this is how I was able to setup mod_sec on my server - and very easily at that.

http://www.pleskhosts.com/forum/showthread.php?t=34

Personally I am using this in production while looking at the ASL in dev and test boxes.
 
Hi HostingGuy:

Are you aware that you need to log in to view content at the above link?

John
 
Yep, Ive got rpms for rhel3/4/5, centos 3/4/5, Fedora 4/5/6/7. RPM's are also in the fedora-extras channel for 4/5/6, and in the Fedora 7 main/base channel.
 
Hi,

Does anyone have a How To for installing mod_security 2.1.x on CentOS with Apache 2.x

Regards,

Ryan
 
Hi

i want to install mod_security on a Fedora Core II box with PLESK 8.0 but compile fails
Code: 
/bin/sh /usr/lib/apr/build/libtool --silent --mode=compile gcc  -pthread  -O2 -g -Wuninitialized -Wall -Wmissing-prototypes -Wshadow -Wunused-variable -Wunused-value -Wchar-subscripts -Wsign-compare -DWITH_LIBXML2 -DLINUX=2 -D_REENTRANT -D_GNU_SOURCE -DAP_HAVE_DESIGNATED_INITIALIZER -DSSL_EXPERIMENTAL_ENGINE -I/usr/kerberos/include -I /usr/include/libxml2 -I/usr/include/httpd -I/usr/include/apr-0 -I/usr/include/openssl -DAP_FNAME=\"mod_security2.c\" -prefer-pic -c mod_security2.c && touch mod_security2.slo
In file included from modsecurity.h:35,
                 from mod_security2.c:16:
msc_pcre.h:16:18: pcre.h: No such file or directory
make: *** [mod_security2.slo] Fehler 1
httpd-devel, pcre-devel, apr-devel and apr-utils-devel are installed
Any ideas why compiling fails?

Thx and regards
ACID25
 
Hi

one new problem...so i followed instructions on the first page to install mod_security....but i think these instructions are not for mod_security2;)

So i recompile mod_security with make&make install

then i want to restart httpd and i got this message
Code: 
httpd starten: Syntax error on line 199 of /etc/httpd/conf/httpd.conf:
Cannot load /etc/httpd/modules/mod_security2.so into server: /etc/httpd/modules/mod_security2.so: undefined symbol: msc_alert
                                                           [FEHLGESCHLAGEN]
so i don´t know how to get this work :(....any ideas what do to?

THX and regards
ACID25
 
You must log in or register to reply here.

Similar threads

majdi draouil
Input How to Change the SOGo Mail Icon in Plesk Interface?
Replies
5
Views
1K
Sebahat.hadzhi
Sebahat.hadzhi
T
Issue Stop Plesk Brute Force Attacks NOW: Cloudflare + Windows Server Fix
Replies
0
Views
345
TheHostingHeroes
T
A
Resolved Unable to reinstall modsecurity after upgrade from Onyx to Obsidian
Replies
1
Views
911
Abernathy
A
D
Resolved How to configure the new SmartHost feature using CLI
Replies
2
Views
613
danimora
D
W
Question How to get past "welcome to plesk" prompt over index.html
Replies
3
Views
927
Kaspar@Plesk
Kaspar@Plesk
Back
Top