• Inviting everyone who uses WordPress management tools in Plesk
    The Plesk team is conducting a 60-minute research session that includes an interview and a moderated usability test.
    To participate, please use this link .
    Your experience will help shape product decisions and ensure the tools better support real-world use cases.

Question What is the current version of the free AtomiCorp ruleset(s) (ModSecurity) within Plesk?

K

King555

Regular Pleskian
Server operating system version
Ubuntu 24.04.1 LTS
Plesk version and microupdate number
Plesk Obsidian 18.0.68 Update #1 Web Admin Edition
I don't get any notification within Plesk concerning updates of the ModSecurity rulesets (in my case AtomiCorp Standard/Free) and so I'm wondering whether I have the latest version installed.

I searched for a file which contains some kind of a version and I found /etc/apache2/modsecurity.d/rules/tortix/modsec/waf_rule_config.

That files shows:
Code: 
# WAF version, Description, Filename, Config Token, Default, Severity
2.7.5,Basic Ruleset,50_plesk_basic_asl_rules.conf,MODSEC_50_PLESK,yes,critical,NULL,NULL
2.5.12,NULL,sql.txt,MODSEC_50_PLESK,yes,high,NULL,NULL

Can anybody confirm whether these are the current versions? Unfortunately AtomiCorp does not publish this information anywhere.
 
Exactly one year later the versions in this file are still the same. But I still did not figure out whether this means that updates are not working or that there are just no updates. I remember that a few years ago I got a notification in Plesk every day that stated that rulesets were updated. I did not see such message in years now.
 
Please make sure that the following notification is enabled in your Plesk panel so you can receive WAF rule update notifications:

Tools & Settings → Notifications → Plesk UI → “A ModSecurity rule or rule set has been installed.”

This will ensure you are notified whenever new WAF rules are installed or updated.

You may also find my discussion here useful:

From my experience, the Atomic Standard ruleset provides only a very basic set of rules.

Personally, I prefer the Comodo ruleset over Atomic. However, it appears that the Comodo ruleset has not been updated for about a year. Despite that, it may still provide better protection compared to the Atomic free rules.
 
You must log in or register to reply here.

Similar threads

WebHostingAce
Question WAF (ModSecurity)
Replies
16
Views
2K
WebHostingAce
WebHostingAce
K
Resolved Activating/updating Atomicorp ruleset (ModSecurity) results in "unmet dependencies" error
Replies
5
Views
2K
King555
K
M
Issue Failed to update ModSecurity ruleset: modsecurity_ctl failed: gpg: key 4520AFA9: "Atomicorp (Atomicorp Official Signing Key) <[email protected]>"
Replies
0
Views
2K
muhammad.faraz
M
Azurel
Issue Is it possible to add query-string in error_log (ModSecurity)?
Replies
1
Views
2K
IgorG
IgorG
K
Issue Error related to free atomicorp rule updates
Replies
0
Views
1K
Kailash
K
Back
Top