• Introducing WebPros Cloud - a fully managed infrastructure platform purpose-built to simplify the deployment of WebPros products !  WebPros Cloud enables you to easily deliver WebPros solutions — without the complexity of managing the infrastructure.
    Join the pilot program today!
  • Support for BIND DNS has been removed from Plesk for Windows due to security and maintenance risks.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS.

Question WAF ModSecurity Upgrade ChangeLog

klodoma

New Pleskian
Server operating system version
CentOS Linux 7.9.2009 (Core)
Plesk version and microupdate number
18.0.61 Update #5
Hi Forum

I would like to ask if there is a upgrade/log/plan for ModSecurity for Plesk?

On 20.06 we received a Plesk update which upgraded ModSecurity from 3.6.* to 4.2.0 and this caused major issues in our setup. We have several custom rules and nothing worked properly anymore.

My Questions:
  • Is there a way to know when such updates are coming for modSecurity?
  • is it possible to disable auto updates for mod security only and update it manually?

Thank you in advance!
 
The ModSecurity rulesets get updated regularly. These updates are published on the Plesk change log page.

There is no specific option to disable ModSecurity rulesets updates. Only to disabled all third-party components shipped by Plesk. Which is not recommended as these can includes security fixes for other third-party components too.

If you like to use older rulesets you can try to manually upload and install those.
 
Back
Top