• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion
  • Inviting everyone to the UX test of a new security feature in the WP Toolkit
    For WordPress site owners, threats posed by hackers are ever-present. Because of this, we are developing a new security feature for the WP Toolkit. If the topic of WordPress website security is relevant to you, we would be grateful if you could share your experience and help us test the usability of this feature. We invite you to join us for a 1-hour online session via Google Meet. Select a convenient meeting time with our friendly UX staff here.

WAF Update Notifications

R

rammstein

New Pleskian
Username: rammstein

TITLE

WAF Update Notifications

PRODUCT, VERSION, OPERATING SYSTEM, ARCHITECTURE

Plesk Obsidian
Version 18.0.32 Update Nr. 2
Atomic Advanced (purchased through Plesk)
Ubuntu 16.04.7

PROBLEM DESCRIPTION

Notifications are no longer displayed every day.
Like: "Web application firewall: new rule or new rule set was installed"

The "advanced rule set" apparently receives daily updates, the rules in /etc/apache2/modsecurity.d/rules/tortix/modsec/ have a new time stamp every day.

STEPS TO REPRODUCE

  • Install Plesk
  • Install Advanced ModSecurity Rules by Atomicorp

ACTUAL RESULT

WAF works, but Notifications are not working as expected

EXPECTED RESULT

Receive Notification on every update

ANY ADDITIONAL INFORMATION

Is this a bug or did I only notice it now?
Not sure, but I think it wasn't like that a while ago.

YOUR EXPECTATIONS FROM PLESK SERVICE TEAM

Confirm bug
 
The notifications can be set in the upper right corner of the notifications pop-up screen. Click on the gear icon, then select which notifications shall be displayed.

plesk01.jpg

Also, the rules are not updated daily. It is very well possible that there are no notifications for a few days.
 
The rules are not updated daily?

docs.plesk.com

Atomic ModSecurity Rule Sets

The Atomic Basic ModSecurity rule set includes the following: SQL injection protection. Cross-site scripting protect...
docs.plesk.com docs.plesk.com

The last paragraph says: "Updates multiple times daily."

I see notifications about the "rule updates", but not every day.
 
If you have the paid "complete Advanced ModSecurity Rules by Atomicorp rule set", the it is updated multiple times daily. But if you are using the free version, this is not the case. Sorry, I assumed that you are using the free ruleset, because most users do.
 
No problem, I have the paid version :) (Atomic Advanced (purchased through Plesk))

With the update notifications it looks like this:
Jan. 9
Jan. 12
Jan. 13
Jan. 18
Jan. 19
Jan. 21

Don't know if that should be the case ..?

On the other hand, "multiple times daily", it would probably also not make sense to create a notification about every update.
 
Atomic are advertising "daily" updates instead of "multiple times daily", but frankly honest, can we be sure that rules need to be updated daily? The advanced rule set includes 4,500 rules. Do we really see so many new ways to attack a website that these need to be updated daily? Maybe it means "we're looking into it daily, and if something needs to be changed, we'll update it, else things will stay as they are". It would be interesting to know what others are seeing who are using the advanced rule set and what these daily updates are.
 
You must log in or register to reply here.

Similar threads

T
Apache2 ModSec Error - Apache2 fails to start and AH00111 error
Replies
1
Views
1K
Peter Debik
P
T
Resolved Spamassassin issue - not compiled or not compiled properly
Replies
18
Views
874
Hangover2
Hangover2
PeopleInside
Issue with Google Drive Backup
Replies
6
Views
696
PeopleInside
PeopleInside
PeopleInside
Forwarded to devs Backup Manager email notification issue: wrong from address
Replies
7
Views
2K
Oskar3210
O
P
Resolved New Sitejet promos showing despite setting in panel.ini
Replies
5
Views
910
Maarten.
M
Back
Top