• We value your experience with Plesk during 2025
    Plesk strives to perform even better in 2026. To help us improve further, please answer a few questions about your experience with Plesk Obsidian 2025.
    Please take this short survey:
    https://survey.webpros.com/
  • On Plesk for Linux mod_status is disabled on upgrades to improve Apache security.
    This is a one-time operation that occurs during an upgrade. You can manually enable mod_status later if needed.

Resolved What is the best way to configure NGINX ModSecurity?

O

othmaqsa

Regular Pleskian
Server operating system version
Ubuntu 20.04.5 LTS
Plesk version and microupdate number
18.0.49
Hello,

What is the best way to configure Modsecurity ? I use only NGINX.

Thank you.
 
Monty said:
Please check the documentation here:
docs.plesk.com

Web Application Firewall (ModSecurity)

summary
docs.plesk.com docs.plesk.com
Click to expand...
Hello,

Thank you for your message.

I've read this before, but the confusion is that in the documentation:
Apache (ModSecurity 2.9) (recommended).
Nginx (ModSecurity 3.0).
Note: Switching to Nginx (ModSecurity 3.0) may affect your existing applications. We recommend trying ModSecurity 3.0 out on a test server before switching your production environment to that version.

In my case, I use only NGINX only (proxy mode disabled), I need to choose the recommended setting or go Nginx (ModSecurity 3.0) ?
 
If you haven't used ModSecurity before then you should go for ModSecurity 3.0 with nginx and run it in "Detection Mode" only for a while and analyse the logs it produces.

Once you're sure that no legitimate requests would be blocked then you can switch to "On" (blocking mode).
 
Monty said:
If you haven't used ModSecurity before then you should go for ModSecurity 3.0 with nginx and run it in "Detection Mode" only for a while and analyse the logs it produces.

Once you're sure that no legitimate requests would be blocked then you can switch to "On" (blocking mode).
Click to expand...
Got it, since it's the first time I use ModSecurity, I'll enable ModSecurity 3.0 with nginx.

Another question: Can I see the Logs with the option Detection Mode ? If yes, where can I see it ?
 
ModSecurity will have a CPU impact, yes. But with a "normal" amount of rules this impact should be very small, close to negligible. To see the impact, record your CPU/RAM usage before activating ModSecurity and then compare it with ModSecurity enabled.

For further tuning and optimization of ModSecurity: ModSecurity Performance Recommendations
 
You must log in or register to reply here.

Similar threads

Jürgen_T
Issue How to properly configure Fail2Ban for ModSecurity in Plesk with NGINX?
Replies
5
Views
4K
klodoma
K
G
Question Modsecurity in detection mode and fail2ban jail
Replies
1
Views
935
Sebahat.hadzhi
Sebahat.hadzhi
K
Issue ModSecurity with nginx not working
Replies
1
Views
1K
alvarezcruz
alvarezcruz
Jürgen_T
Issue Modsecurity works with Apache but error with nginx
Replies
5
Views
4K
Raul A.
R
Jürgen_T
Question Modsecurity - Apache or Nginx
Replies
2
Views
2K
Jürgen_T
Jürgen_T
Back
Top