What is ModSecurity? ModSecurity is an open-source web application firewall (WAF) designed to protect web applications from various attacks, such as SQL injection and cross-site scripting (XSS). It works by monitoring and filtering HTTP traffic to your web applications, enforcing security policies, and preventing exploitation of vulnerabilities.
Prerequisites
- Access to a server running Plesk.
- SSH access to the server for executing commands.
- ModSecurity must be installed and configured on your server.
Steps to Manage ModSecurity via Plesk CLI
1. Check ModSecurity Status
To verify if ModSecurity is active, use the following command:
plesk bin server_pref --show-web-app-firewall2. Turn On ModSecurity
To enable ModSecurity, execute:
plesk bin server_pref --update-web-app-firewall -waf-rule-engine on3. Enable OWASP ModSecurity Core Rule Set (CRS)
To activate ModSecurity along with the OWASP CRS, run:
plesk bin server_pref --update-web-app-firewall -waf-rule-engine on -waf-rule-set crs4. Enable ModSecurity for a Specific Website
To turn on the web application firewall settings for a specific website (e.g., example.com), use:
plesk bin subscription --update-web-app-firewall example.com -waf-rule-engine on5. Update ModSecurity Ruleset
To ensure your ModSecurity rules are up to date, run:
plesk daily UpdateModSecurityRuleSetTroubleshooting Tips
- Ensure you have the necessary permissions to execute these commands.
- Check the ModSecurity logs for any errors after changes are made.
- Be cautious when enabling rulesets; test your applications after applying new rules to avoid disruptions.
Gotchas to Avoid
- Do not enable all rulesets without testing; some may disrupt legitimate traffic.
- Always back up your configuration before making changes.
- Monitor your applications closely after enabling ModSecurity to catch any false positives.
Conclusion
Managing ModSecurity via the Plesk CLI can enhance your web application security. Following the steps outlined above will help you configure and maintain ModSecurity effectively.
