• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion

Question modsecurity enabled via plesk web, but off via ssh command line

J

Jose Maria Sarachaga

New Pleskian
Server operating system version
Ubuntu 20.04.5 LTS
Plesk version and microupdate number
Version 18.0.49 Update #2
Hello everyone
I'm just curious, i have enabled modsecurity on all my websites and i can see it's working in the log files.
Today i happened to run:
plesk bin nginx -s to get a list of all the modules installed and their status
and found modsecurity shows as OFF:

brotli on
geoip2 on
modsecurity off
pagespeed off

How can this be? am i misunderstanding something? shoud i enable it also via terminal?
Maybe i'm not seeing all the logs i should be seeing?
 
Hi @Jose Maria Sarachaga , thank you for posting this question. In Plesk there are two ModSecurity services: 2.9 and 3.0. When you select 2.9 ModSecurity is applied on the Apache web server level, so you do not see it as a module in Nginx. When you select 3.0: That is for Nginx and you will see it in the Nginx configuration. You can see more on this topic here: Web Application Firewall (ModSecurity)
 
You must log in or register to reply here.

Similar threads

Lenny
Resolved Seeking Assistance with API Communication Issues via SSL on Plesk
Replies
4
Views
674
Lenny
Lenny
R
Question Missing Authorization Headers in FPM application served by Nginx
Replies
2
Views
5K
Kaspar
K
M
Issue FTP behind VPN - Connect it via Local IP
Replies
0
Views
2K
Mutate2546
M
A
Issue ModSecurity Rule in custom directives ignored
Replies
0
Views
1K
Abed
A
C
Issue "New configuration files for the Apache web server were not created due to the errors in configuration templates"
Replies
4
Views
3K
The 8th
The 8th
Back
Top