Nginx and Modsecurity 3 Support for Plesk

Issue

The following alert is displayed in Plesk:

Some security vendors are now employing ModSecurity rules on your servers tend to deliver a high false-positive rate. We recommend disabling all rules except the Imunify360 ruleset. If you already disabled 3rd party rulesets except for Imunify360 then this notification should disappear after 24h interval.

But Modsecurity Panel does not show Imunify360 ruleset.

Environment

• Nginx
• Any OS
• Imunify360
• Plesk

Solution

As of today, ModSecurity 3 support for Nginx on Plesk servers is under development. The task with id DEF-15074 can be tracked in the changelog for future releases: https://changelog.imunify.com/imunify360

Until support will be implemented, it is recommended to install ModSecurity on Apache level, to do this on the server with Plesk the following command needs to be executed:

# plesk bin server_pref --update-web-app-firewall -waf-rule-engine on -waf-web-server apache

Useful links

• https://docs.imunify360.com/ids_integration/#modsecurity-configuration
• https://docs.imunify360.com/installation/#requirements
• https://changelog.imunify.com/imunify360