Michael Goeller
New Pleskian
On my site mmo-game.eu I am getting a good amount of SPAM comments a day (they are filtered by a wordpress plugin) and sadly slowly intrusion attempts slowly start to happen more often. The site got defaced last year for a few hours and I fear this is going to happen again sooner or later.
This eventually lead me to install mod_security and honestly I am a bit overwhelmed atm
basically I did these steps:
Then I added the exceptions for wordpress:
But now I seem to have issues with logging in to Plesk, Login page does not appear, instead the log shows:
I have found 2 related posts here, one that suggsted to update PHP, but I have the latest PHP and the other one with ciphers did not apply.
Can anyone point me the way on how to fix this issue?
Thanks
This eventually lead me to install mod_security and honestly I am a bit overwhelmed atm
basically I did these steps:
wget -q -O - http://www.atomicorp.com/installers/atomic | sh
wget -q -O - http://www.atomicorp.com/installers/plesk |sh
yum install mod_security
cd /etc/httpd/modsecurity.d/
wget http://updates.atomicorp.com/channels/rules/delayed/modsec-2.5-free-latest.tar.gz
tar -zxvf modsec-2.5-free-latest.tar.gz
/etc/init.d/httpd restart
Then I added the exceptions for wordpress:
nano /etc/httpd/modsecurity.d/modsec/00_asl_custom_exclude.conf
<LocationMatch "/wp-admin/post.php">
SecRuleRemoveById 300015 300016 300017 950907 950005 950006 960008 960011 960904 959006
SecRuleRemoveById phpids-17
SecRuleRemoveById phpids-20
SecRuleRemoveById phpids-21
SecRuleRemoveById phpids-30
SecRuleRemoveById phpids-61
</LocationMatch>
<LocationMatch "/wp-admin/admin-ajax.php">
SecRuleRemoveById 300015 300016 300017 950907 950005 950006 960008 960011 960904 959006
SecRuleRemoveById phpids-17
SecRuleRemoveById phpids-20
SecRuleRemoveById phpids-21
SecRuleRemoveById phpids-30
SecRuleRemoveById phpids-61
</LocationMatch>
<LocationMatch "/wp-admin/page.php">
SecRuleRemoveById 300015 300016 300017 950907 950005 950006 960008 960011 960904
SecRuleRemoveById phpids-17
SecRuleRemoveById phpids-20
SecRuleRemoveById phpids-21
SecRuleRemoveById phpids-30
SecRuleRemoveById phpids-61
</LocationMatch>
<LocationMatch "/wp-admin/options.php">
SecRuleRemoveById 300015 300016 300017 950907 950005 950006 960008 960011 960904 959006
SecRuleRemoveById phpids-17
SecRuleRemoveById phpids-20
SecRuleRemoveById phpids-21
SecRuleRemoveById phpids-30
SecRuleRemoveById phpids-61
</LocationMatch>
<LocationMatch "/wp-admin/theme-editor.php">
SecRuleRemoveById 300015 300016 300017 950907 950005 950006 960008 960011 960904 959006
SecRuleRemoveById phpids-17
SecRuleRemoveById phpids-20
SecRuleRemoveById phpids-21
SecRuleRemoveById phpids-30
SecRuleRemoveById phpids-61
</LocationMatch>
<LocationMatch "/wp-content/plugins/">
SecRuleRemoveById 300015 340151 1234234 340153 1234234 300016 300017 950907 950005 950006 960008 960011 960904 959006
SecRuleRemoveById phpids-17
SecRuleRemoveById phpids-20
SecRuleRemoveById phpids-21
SecRuleRemoveById phpids-30
SecRuleRemoveById phpids-61
</LocationMatch>
<LocationMatch "/wp-includes/">
SecRuleRemoveById 960010 960012 950006 959006
SecRuleRemoveById phpids-17
SecRuleRemoveById phpids-20
SecRuleRemoveById phpids-21
SecRuleRemoveById phpids-30
SecRuleRemoveById phpids-61
</LocationMatch>
<LocationMatch "/wp-content/themes/">
SecRuleRemoveById 340151 340153 1234234 950006 959006
SecRuleRemoveById phpids-17
SecRuleRemoveById phpids-20
SecRuleRemoveById phpids-21
SecRuleRemoveById phpids-30
SecRuleRemoveById phpids-61
</LocationMatch>
<LocationMatch "/wp-cron.php">
SecRuleRemoveById 960015
</LocationMatch>
<LocationMatch "/feed">
SecRuleRemoveById 960015
</LocationMatch>
<LocationMatch "/category/feed">
SecRuleRemoveById 960015
</LocationMatch>
But now I seem to have issues with logging in to Plesk, Login page does not appear, instead the log shows:
2011-11-03 10:30:21: (mod_fastcgi.c.2588) FastCGI-stderr: PHP Fatal error: Call to a member function getContext() on a non-object in /usr/local/psa/admin/plib/Navigation.php on line 54
all children busy, launch additional (total 3, limit 30)
I have found 2 related posts here, one that suggsted to update PHP, but I have the latest PHP and the other one with ciphers did not apply.
Can anyone point me the way on how to fix this issue?
Thanks