• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion
  • Inviting everyone to the UX test of a new security feature in the WP Toolkit
    For WordPress site owners, threats posed by hackers are ever-present. Because of this, we are developing a new security feature for the WP Toolkit. If the topic of WordPress website security is relevant to you, we would be grateful if you could share your experience and help us test the usability of this feature. We invite you to join us for a 1-hour online session via Google Meet. Select a convenient meeting time with our friendly UX staff here.

Mod_Security and Mod_Unique_id Install

I

InsertCoin

Basic Pleskian
Plesk: 9.5.2
OS: Ubuntu Hardy 8.04

I have been crawling around the internet looking for a way to install mod_security, however I have been unable to come up with a guide on how to do this. Most refer to installing it with "apt-get install libapache2-mod-security" and the documentation over at modsecurity.org advises that mod_unique_id needs to be enabled.

I found it on the server in /usr/lib/apache2/modules/mod_unique_id.so and tried to enable it to no avail (assume it needs to be compiled in).

Anyone know how I can get mod_security running?
 
Doesnt help really, as thats for centos/RH installs.

Ubuntu 8.04 doesn't have mod-security available.

Very strange that Plesk are not taking a more pro-active approach to allow people to be able to secure their server.
 
What about

apt-cache search mod_security

?

As I remember it may be libapache2-mod-security on Ubuntu.
 
Yep, that was my first attempt:

root@:/# apt-cache search mod_security
root@:/#

Is all that happens.

My sources.list:

deb http://archive.ubuntu.com/ubuntu hardy main restricted universe
deb http://archive.ubuntu.com/ubuntu hardy-updates main restricted universe
deb http://archive.ubuntu.com/ubuntu hardy-security main restricted universe

## This is temporary appended by Autoinstaller for
## specify source of product's packages for APT.
deb http://autoinstall.plesk.com/ubuntu/PSA_9.5.2 hardy all
 
Further information:

The reason for wanting to install is because if I create a file on my hosting (called bad.php) with the contents:

<? $secret_file = $_GET['secret_file'];
include ( $secret_file); ?>

And then call it with:

/bad.php?secret_file=/etc/passwd

It prints the contents of /etc/passwd to the browser, which is not very secure.
 
You must log in or register to reply here.

Similar threads

D
Issue Installing Rocket Chat in Plesk with Docker using tutorial, need an answer.
2
Replies
30
Views
1K
Hangover2
Hangover2
D
Issue Installing Mattermost via Docker in Plesk - issues with containers
2
Replies
21
Views
10K
David Borrink
D
michaeljoseph01
Question How to block non-mail traffic to certain ip?
Replies
1
Views
736
MarkM
MarkM
F
Question Install Python mods/packages
Replies
5
Views
1K
bonar
bonar
M
Issue nodejs installation failed
Replies
2
Views
1K
mudassarkhan
M
Back
Top