Skip to content

I suggest you...

← Feature Suggestions

Choose OWASP mode

It would be great to have a select button in Plesk UI to choose between Self-contained mode and Anomaly Scoring mode for OWASP in Tools and Settings > Web Application Firewall (modsecurity)

2 votes

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close

We’ll send you updates on this idea

Julian Bonpland shared this idea  ·   ·  Report…  ·  Admin →
How important is this to you?

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close
Submitting...
An error occurred while saving the comment
  • EhudZ commented  ·   ·  Report

    For Comodo it should be changed on:

    # vi /etc/apache2/modsecurity.d/rules/comodo_free/00_Init_Initialization.conf

    SecDefaultAction \
    "phase:1,log,auditlog,deny,status:403"
    SecDefaultAction \
    "phase:2,log,auditlog,deny,status:403"

  • EhudZ commented  ·   ·  Report

    Plesk ModSecurity required a revision...

    You click "On" but you are actually mainly on Warning mode... as scores prefined do not bring to 403 error lots of the times...

    You better manually fix this to:

    the following parameters are specified in /etc/apache2/modsecurity.d/rules/owasp_modsecurity_crs_3-plesk/10-crs-setup.conf

    They IMHO should be commented out:
    SecDefaultAction "phase:1,log,auditlog,pass"
    SecDefaultAction "phase:2,log,auditlog,pass"

    while they should be:

    SecDefaultAction "phase:1,log,auditlog,deny,status:403"
    SecDefaultAction "phase:2,log,auditlog,deny,status:403"

    **There was no RESTART is required**

    # plesk sbin modsecurity_ctl --disable
    # plesk sbin modsecurity_ctl --enable
    # service httpd restart

Feature Suggestions: Extensions

Categories

Feedback and Knowledge Base

(thinking…)