Table of Contents
- Overview
- Compatibility Matrix
- Recommended Setups
- ModSecurity + Fail2Ban Setup
- Imunify360 Setup
- Troubleshooting
- Best Practices
Overview
Important Notice
These security tools are not designed to work simultaneously. You must choose ONE of the following configurations:
- ModSecurity + Fail2Ban
- Imunify360 (standalone)
Compatibility Matrix
Configuration | Compatible? | Notes |
---|---|---|
ModSecurity + Fail2Ban | ✅ Yes | Recommended for basic security needs |
Imunify360 (standalone) | ✅ Yes | Comprehensive security solution |
Imunify360 + Fail2Ban | ❌ No | Will cause conflicts |
Imunify360 + ModSecurity (other rulesets) | ❌ No | Will cause false positives |
Prerequisites
- Plesk Obsidian or later
- Apache 2.4.x or newer
- Root access to your server
- Linux (CentOS 7+, Ubuntu 20.04+, or Debian 11+)
Recommended Setups
Option 1: ModSecurity + Fail2Ban
Best for:
- Standard hosting environments
- Budget-conscious deployments
- Customizable security rules
Option 2: Imunify360
Best for:
- Enterprise hosting environments
- Managed hosting providers
- High-security requirements
ModSecurity + Fail2Ban Setup
1. Enable ModSecurity in Plesk
Verify ModSecurity installation
sudo plesk sbin modsecurity_ctl -s
Enable ModSecurity
sudo plesk sbin modsecurity_ctl --enable
2. Configure Fail2Ban Integration
1. Navigate to Plesk > Tools & Settings > IP Address Banning (Fail2Ban)
2. Locate the "plesk-modsecurity" jail
3. Configure jail settings:
View current jail settings
for s in findtime bantime maxretry; do sudo fail2ban-client get plesk-modsecurity "$s"; done
Configure jail
sudo vim /etc/fail2ban/jail.d/plesk-modsecurity.conf
# Example configuration:
[plesk-modsecurity]
enabled = true
filter = plesk-modsecurity
logpath = /var/log/modsec_audit.log
findtime = 600
bantime = 600
maxretry = 5
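To see how findtime = 600 and maxretry = 5 from the example configuration interact, the following added script (not part of the original guide or of Fail2Ban itself) replays constructed "epoch IP" hits through a simplified sliding window and reports which addresses would be banned. The function names, sample addresses and timestamps are assumptions made for illustration; bantime and Fail2Ban's real filter matching are not modelled.

```shell
#!/bin/sh
# Added example: replay constructed "epoch ip" hits against the jail thresholds.

# sample_hits: constructed hits (epoch seconds, client IP), not real log data.
sample_hits() {
  cat <<'EOF'
1700000000 203.0.113.10
1700000030 203.0.113.10
1700000060 203.0.113.10
1700000090 203.0.113.10
1700000120 203.0.113.10
1700000000 198.51.100.7
1700000900 198.51.100.7
1700001800 198.51.100.7
1700002700 198.51.100.7
1700003600 198.51.100.7
1700000005 192.0.2.44
1700000015 192.0.2.44
1700000025 192.0.2.44
1700000035 192.0.2.44
1700000735 192.0.2.44
EOF
}

# would_ban FINDTIME MAXRETRY  (reads "epoch ip" lines on stdin)
# Prints "ip ban_epoch" when an IP reaches MAXRETRY hits within FINDTIME seconds.
would_ban() {
  sort -n -k1,1 | awk -v findtime="$1" -v maxretry="$2" '
    NF < 2 || $1 !~ /^[0-9]+$/ { next }   # skip malformed lines
    banned[$2] { next }                   # already banned, ignore later hits
    {
      ip = $2; n = ++count[ip]; t[ip, n] = $1
      # slide the window: forget hits older than findtime
      while (start[ip] + 1 <= n && $1 - t[ip, start[ip] + 1] > findtime)
        start[ip]++
      if (n - start[ip] >= maxretry) { banned[ip] = 1; print ip, $1 }
    }'
}

# Thresholds from the example jail: only the burst from 203.0.113.10 is banned.
sample_hits | would_ban 600 5
```

The slow client (one hit every 900 seconds) and the client that pauses after four hits never accumulate five hits inside one window, which is the trade-off to keep in mind when tuning findtime and maxretry.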
Imunify360 Setup
1. Pre-Installation Steps
Disable Fail2Ban if installed
sudo plesk bin ip_ban --disable
Remove existing ModSecurity rules
sudo plesk sbin modsecurity_ctl --disable-all-rules
2. Install Imunify360
Download installer
wget https://repo.imunify360.cloudlinux.com/defence360/i360deploy.sh
Run installer
bash i360deploy.sh --key YOUR_LICENSE_KEY
3. Verify Installation
Check the Imunify360 ModSecurity ruleset
sudo plesk sbin modsecurity_ctl -L --enabled
# Expected output: custom
Troubleshooting Guide
ModSecurity + Fail2Ban Issues
Check ModSecurity logs
sudo tail -f /var/log/modsec_audit.log
Check Fail2Ban status
sudo fail2ban-client status plesk-modsecurity
View banned IPs
sudo fail2ban-client get plesk-modsecurity banip
Imunify360 Issues
Check Imunify360 status
imunify360-agent status
View Imunify360 logs
tail -f /var/log/imunify360/error.log
Check ModSecurity rules
sudo plesk sbin modsecurity_ctl -L
Best Practices
General Security Guidelines
- Always back up before making security changes
- Test in a staging environment first
- Monitor false positives regularly
- Keep all security tools updated
ModSecurity + Fail2Ban
- Start with conservative ban times
- Whitelist trusted IPs
- Regular log review
Imunify360
- Use only Imunify360 ruleset
- Configure automatic updates
- Enable real-time scanning
Common Gotchas to Avoid
- Never run multiple WAF solutions simultaneously
- Don't mix Imunify360 with other ModSecurity rulesets
- Avoid running Fail2Ban with Imunify360
- Don't forget to whitelist legitimate traffic
Monitoring and Maintenance
Regular health checks
For ModSecurity + Fail2Ban:
sudo fail2ban-client status
sudo plesk sbin modsecurity_ctl -s
For Imunify360:
imunify360-agent status
Other checks (run whichever applies):
imunify360-agent checkdb
imunify360-agent check-domains
imunify360-agent check modsec directives