• Please be aware: Kaspersky Anti-Virus has been deprecated
    With the upgrade to Plesk Obsidian 18.0.64, "Kaspersky Anti-Virus for Servers" will be automatically removed from the servers it is installed on. We recommend that you migrate to Sophos Anti-Virus for Servers.
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.
  • We’re working on enhancing the Monitoring feature in Plesk, and we could really use your expertise! If you’re open to sharing your experiences with server and website monitoring or providing feedback, we’d love to have a one-hour online meeting with you.

Resolved Web Application Firewall - mod_security

M

Matthl

Basic Pleskian
Hi,

i have two questions concerning the topic.

1) Can Custom Directives be set per Domain/Subdomain? For example "SecRequestBodyAccess off". Or is it only possible to globally set them in "Tools & Settings" - "Web Application Firewall (ModSecurity)" - "Change Rule Set"?

2) What's the correct way to enter "Security rule IDs"? Seperate them with space between? One per line?

Thank you

Kind regards
Matthl
 
Hi Matthl,

Matthl said:
1) Can Custom Directives be set per Domain/Subdomain? For example "SecRequestBodyAccess off". Or is it only possible to globally set them in "Tools & Settings" - "Web Application Firewall (ModSecurity)" - "Change Rule Set"?
Click to expand...
Even that the following KB - article has been written for "Plesk 12.5 for Linux", it is as well valid for "Plesk Onyx for Linux":



Matthl said:
2) What's the correct way to enter "Security rule IDs"? Seperate them with space between? One per line?
Click to expand...
Quoted from the official Plesk documentation ( => Web Application Firewall (ModSecurity) ):
The security rule ID is an integer number in quotation marks, starting with 3 and put with the prefix id in square brackets. For example, [id "340003"]
Click to expand...
... and "YES", pls. put each ID in a new line, as you will have a cleaner structure in case you need to investigate issues/errors/problems. ;)


For further informations, pls. consider as well to read and follow:

=> Atomic ModSecurity Rules - Atomicorp Wiki

... and pls. be aware, that you will get support for this Plesk component at for example: => Atomicorp • View forum - Atomic Secured Linux Support
 
You must log in or register to reply here.

Similar threads

F
Issue SQLmap attack detected (ID: 218500) on blank page
Replies
3
Views
699
Bitpalast
Bitpalast
R
Issue Problem with web application firewall - file extension is restricted by policy
Replies
3
Views
1K
Linulex
Linulex
B
Issue ModSecurity rule exception not working
Replies
4
Views
2K
benjamin-lgba
B
Sofie76
Resolved Web Application Firewall for Ubuntu 16.04 (Hacking attacks)
Replies
1
Views
1K
Nik G
N
R
Question Atomicorp WAF // 345114 "log4j"
Replies
1
Views
916
weltonw
W
Back
Top