• The APS Catalog has been deprecated and removed from all Plesk Obsidian versions.
    Applications already installed from the APS Catalog will continue working. However, Plesk will no longer provide support for APS applications.
  • Please be aware: with the Plesk Obsidian 18.0.78 release, the support for the ngx_pagespeed.so module will be deprecated and removed from the sw-nginx package.

Question modsecurity enabled via plesk web, but off via ssh command line

J

Jose Maria Sarachaga

New Pleskian
Server operating system version
Ubuntu 20.04.5 LTS
Plesk version and microupdate number
Version 18.0.49 Update #2
Hello everyone
I'm just curious, i have enabled modsecurity on all my websites and i can see it's working in the log files.
Today i happened to run:
plesk bin nginx -s to get a list of all the modules installed and their status
and found modsecurity shows as OFF:

brotli on
geoip2 on
modsecurity off
pagespeed off

How can this be? am i misunderstanding something? shoud i enable it also via terminal?
Maybe i'm not seeing all the logs i should be seeing?
 
Hi @Jose Maria Sarachaga , thank you for posting this question. In Plesk there are two ModSecurity services: 2.9 and 3.0. When you select 2.9 ModSecurity is applied on the Apache web server level, so you do not see it as a module in Nginx. When you select 3.0: That is for Nginx and you will see it in the Nginx configuration. You can see more on this topic here: Web Application Firewall (ModSecurity)
 
You must log in or register to reply here.

Similar threads

P
Resolved Disable output buffering
Replies
4
Views
5K
Patashoow
P
J
Resolved Atomic Advanced ~ Unable to get Rulesets
Replies
4
Views
2K
JeffreyReed
J
T
Issue ModSecurity and bad gateway 500 nginx
Replies
3
Views
2K
tomaszt
T
M
Question How To Set Up Plesk Root Login via SSH With External SSH Keys
Replies
2
Views
2K
MHC_1
M
R
Resolved How to activate DNSSEC automatically via Plesk API (REST or XML)?
Replies
2
Views
1K
Riculum
R
Back
Top