Question modsecurity enabled via plesk web, but off via ssh command line

[Jose Maria Sarachaga]

Server operating system version

Ubuntu 20.04.5 LTS

Plesk version and microupdate number

Version 18.0.49 Update #2

Hello everyone
I'm just curious, i have enabled modsecurity on all my websites and i can see it's working in the log files.
Today i happened to run:
plesk bin nginx -s to get a list of all the modules installed and their status
and found modsecurity shows as OFF:

brotli on
geoip2 on
modsecurity off
pagespeed off

How can this be? am i misunderstanding something? shoud i enable it also via terminal?
Maybe i'm not seeing all the logs i should be seeing?

 

[Peter Debik]

Hi @Jose Maria Sarachaga , thank you for posting this question. In Plesk there are two ModSecurity services: 2.9 and 3.0. When you select 2.9 ModSecurity is applied on the Apache web server level, so you do not see it as a module in Nginx. When you select 3.0: That is for Nginx and you will see it in the Nginx configuration. You can see more on this topic here: Web Application Firewall (ModSecurity)