Question Wordpress sites unable to access Plesk webstat page

[LRLD]

Server operating system version

Ubuntu 24.04.4 LTS

Plesk version and microupdate number

Plesk Obsidian 18.0.78 Update #1 Web Pro Edition

Hi everyone,

I've just noticed a possible configuration conflict with Wordpress/WPToolkit and Plesks webstat page Webalizer/AWStats.
When I click to open the webstat page I get the "Authorisation Required" error page, I don't get a prompt to enter my credentials?
Checking a subdomain of the domain or a domain without Wordpress/WPToolkit it works just fine, I either get a prompt to enter my credentials or where I have entered and saved my credentials i get the correct webstat page.

This occurs on two different Ubuntu 24 servers. I know AWStats is now deprecated but you still have webalizer.

Regards

LD

 

[scsa20]

Are you using pure nginix or apache? If you're using nginix, use this so you can get webstats working again

# Protect Plesk statistics paths
location ~ ^/(plesk-stat|webstat|webstat-ssl|ftpstat|anon_ftpstat|awstats-icon) {
    try_files $uri $uri/ =404;
}

# Security rules
rewrite ^/wp-config.php /forbidden last;
rewrite ^/install.php /forbidden last;
rewrite ^/wp-includes/(.*)\.php /forbidden last;
rewrite ^/wp-admin/includes(.*)$ /forbidden last;
rewrite ^(.*)/uploads/(.*)\.php(.?)$ /forbidden last;

# Main WordPress rewrite - now with exclusion for stats
if (!-e $request_filename) {
    set $test P;
}
if ($uri !~ ^/(plesk-stat|webstat|webstat-ssl|ftpstat|anon_ftpstat|awstats-icon)) {
    set $test "${test}C";
}
if ($test = PC) {
    rewrite ^(.*)$ /index.php break;
}

# Optional: Block direct access to /forbidden
location = /forbidden {
    deny all;
}

# Text files charset
location ~* \.(txt)$ {
    charset utf-8;
}

This is what I use and it works fine