Question
How to manage Web Application Firewall (ModSecurity) on Plesk server via CLI?
Answer
Web Application Firewall (ModSecurity) management is available within the Plesk CLI utilities server_pref and
subscription.
For example:
- In order to check ModSecurity status:
# plesk bin server_pref --show-web-app-firewall
- To turn ModSecurity on - specify the required rule set and other WAF settings - in this example, the OWASP ModSecurity Core Rule Set (CRS) on Apache is enabled with the weekly rule set update period and "Fast" redefined set of values:
# plesk bin server_pref --update-web-app-firewall -waf-rule-engine on -waf-web-server apache -waf-rule-set crs -waf-rule-set-update-period weekly -waf-config-preset fast
- To turn on the web application firewall settings for the website example.com:
# plesk bin subscription --update-web-app-firewall example.com -waf-rule-engine on
- To manually update ModSecurity ruleset:
# plesk daily UpdateModSecurityRuleSet
Refer to the following documentation articles for additional details:
Plesk Documentation and Help Portal - Reference for Command-Line Utilities, Plesk for Linux - Using command line utilities - server_pref
Plesk Documentation and Help Portal - Reference for Command-Line Utilities, Plesk for Linux - Using command line utilities - subscription
Comments
Hi Stefan Yakubov ,
May I ask, what would be the CLI for ModSecurity status, disable and enable, stop, start and restart?
Hi, Ehud Ziegelman
Modsecurity doesn't have a systemd unit, since it's managed as an included configuration of a webserver instead.
Hence the commands in the article are the only avaiable in the built-in Plesk CLI.
Please sign in to leave a comment.