• Our team is looking to connect with folks who use email services provided by Plesk, or a premium service. If you'd like to be part of the discovery process and share your experiences, we invite you to complete this short screening survey. If your responses match the persona we are looking for, you'll receive a link to schedule a call at your convenience. We look forward to hearing from you!
  • We are looking for U.S.-based freelancer or agency working with SEO or WordPress for a quick 30-min interviews to gather feedback on XOVI, a successful German SEO tool we’re looking to launch in the U.S.
    If you qualify and participate, you’ll receive a $30 Amazon gift card as a thank-you. Please apply here. Thanks for helping shape a better SEO product for agencies!
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

Question Plesk Onyx + WAF + Atomicorp + nginx = ???

L

larryk

Regular Pleskian
hello.... i've had a few discussions with people at Atomicorp.

I'm trying to find out WHAT or HOW Plesk is dealing with atomicorp rules for nginx.

atomicorp says: rules for apache are very stable. rules for nginx are beta?
While ASL for nginx is supported.... what does Plesk say about atomicorp rules for nginx?

NOTE: I would be running the 2nd (more powerful rules) NOT the basic one

https://docs.plesk.com/en-US/onyx/a...dsecurity/atomic-modsecurity-rule-sets.75669/


NOTE: Plesk needs to fix this in their docs or settings. It is a naming problem:

THIS IS THE DOCS:

The Atomic Basic ModSecurity rule set includes the following:

The complete Atomic ModSecurity rule set includes the following:

while this is the WAF settings for options:

Atomic Professional ModSecurity
An advanced version of the Atomic ModSecurity rules. Updated on a daily basis.

Atomic ModSecurity (subscription)
The most complete version of the Atomic ModSecurity rules, with all performance enhancements and new security features. Updated in real time. You need an active subscription to use this rule set.


You see that there is only 2 options, but 3 different names?
 
I have the same situation, I'm using nginx (non proxy mode) with Plesk Onyx and looking for a way to use the web application firewall.

I tried the suggested test at http://wiki.atomicorp.com/wiki/index.php/Atomic_ModSecurity_Rules#Step_10:_Test_your_web_server and I get a 404 error, which means the WAF isn't active at all with nginx. It should return a 403 code on the console. I tested this with wget from my client terminal (OS X).

I have the "Atomic Basic ModSecurity" ruleset and the configuration is set to "Tradeoff".

So it seems Plesk Onyx is unable to use the WAF with nginx in non proxy mode.

Btw in my WAF control panel settings it says "Atomic Basic ModSecurity" and "Atomic ModSecurity (subscription)", so I don't see the same issue you have.

Also you're mentioning ASL which stands for "Atomic Secured Linux" this isn't the same as the mix of Plesk Onyx and the Modsecurity WAF using Atomicorp's Ruleset, so you have a "non ASL system". Keep this in mind when reading the WAF test mentioned earlier.
 
long story short...
1) i don't believe all rules work for nginx.... i've talked to atomicorp -- call them :)
2) atomicorp says nginx does work well with ASL, not so much for WAF
 
DigitalExit said:
So it seems Plesk Onyx is unable to use the WAF with nginx in non proxy mode.
Click to expand...

You're right. For now there is no mod_security module in nginx in Plesk Onyx, so the WAF will work (on apache side) in proxy mode only.
See also https://docs.plesk.com/en-US/onyx/a...n/web-application-firewall-modsecurity.73383/, "Nginx and ModSecurity Notes (Linux)".

About "Atomic Professional ModSecurity" ruleset - it is "complete Atomic ModSecurity" ruleset actually. The user manual will be fixed.
Option "Atomic ModSecurity (subscription)" provides ability to auth/login into Atomic, so if you succefully auth/login, you will get Atomic Professional ModSecurity ruleset.
 
You must log in or register to reply here.

Similar threads

R
Question Atomicorp WAF // 345114 "log4j"
Replies
1
Views
1K
weltonw
W
R
WAF Update Notifications
Replies
5
Views
2K
Bitpalast
Bitpalast
Azurel
Question ModSecurity documentation and notices
Replies
0
Views
1K
Azurel
Azurel
S
Resolved WAF Update Error Atomic Basic ModSecurity
Replies
2
Views
1K
Sally1
S
Ehud
Question Is Plesk Email SRS fully configured, or it requires an extension?
Replies
0
Views
2K
Ehud
Ehud
Back
Top