• Plesk Uservoice will be deprecated by October. Moving forward, all product feature requests and improvement suggestions will be managed through our new platform Plesk Productboard.
    To continue sharing your ideas and feedback, please visit features.plesk.com

Question WAF ModSecurity Upgrade ChangeLog

klodoma

New Pleskian
Server operating system version
CentOS Linux 7.9.2009 (Core)
Plesk version and microupdate number
18.0.61 Update #5
Hi Forum

I would like to ask if there is a upgrade/log/plan for ModSecurity for Plesk?

On 20.06 we received a Plesk update which upgraded ModSecurity from 3.6.* to 4.2.0 and this caused major issues in our setup. We have several custom rules and nothing worked properly anymore.

My Questions:
  • Is there a way to know when such updates are coming for modSecurity?
  • is it possible to disable auto updates for mod security only and update it manually?

Thank you in advance!
 
The ModSecurity rulesets get updated regularly. These updates are published on the Plesk change log page.

There is no specific option to disable ModSecurity rulesets updates. Only to disabled all third-party components shipped by Plesk. Which is not recommended as these can includes security fixes for other third-party components too.

If you like to use older rulesets you can try to manually upload and install those.
 
Back
Top