Applicable to:
- Plesk for Linux
- Plesk for Windows
Question
- Can I add a global custom rule to Web Application Firewall (ModSecurity) in Plesk?
Answer
2. Go to Tools & Settings > Web Application Firewall (ModSecurity) > Settings tab
3. Add the rule to the "Custom Directives" section
Note: For example, the following rule restricts access to any .php file on domains:
CONFIG_TEXT: SecRule REQUEST_URI ".*\.php$" "id:555555,log,noauditlog,deny,status:403"
4. Press Apply
1. Log into your Linux server via SSH
2. Create a file named /tmp/custom with your favorite command-line text editor and add the custom directives that you need within it.
Note: For example, the following rule restricts access to any .php file on domains:
CONFIG_TEXT: SecRule REQUEST_URI ".*\.php$" "id:555555,log,noauditlog,deny,status:403"
3. To add the contents of /tmp/custom to the list of custom directives in the ModSecurity configuration, execute the following command:
# plesk bin server_pref --update-web-app-firewall -waf-rule-engine on -waf-additional-settings /tmp/custom
Note: A general guide for creating ModSecurity rules is available on this page:
ModSecurity Rules Making
Comments
Please sign in to leave a comment.