Plesk 12.x / Linux :: ModSec On Per-domain Rule Basis?
Mar 12, 2015Is it possible to enable ModSec through plesk, and manage exceptions on a per-domain rule basis?
In other words, is it possible to disable ModSec for only one domain?
Is it possible to enable ModSec through plesk, and manage exceptions on a per-domain rule basis?
In other words, is it possible to disable ModSec for only one domain?
I am offering an email service through Plesk that archives all mail on a per-domain basis. I am having a hard time finding any real solutions to this. So far, I've found:
MailArchiva
Mailpiler
While mailarchiva seems like a decent solution, I don't know if I can only do on a per domain basis.
I'm testing Plesk 12.1 and noticed after enabling ModSecurity, the modsec_audit log file is empty.
I'm running CentOS7.1 w/Plesk 12.1.23
Error when trying to set atomic subscription rule:
Failed to install the ModSecurity rule set: SecReadStateLimit is depricated, use SecConnReadStateLimit instead.
Syntax error on line 70 of /etc/httpd/conf/modsecurity.d/rules/atomic/modsec/00_asl_zz_strict.conf:
Error creating rule: Could not add entry "127.0.0.0/8" from: 127.0.0.0/8.
In directory /etc/httpd/conf/modsecurity.d/rules I have only: atomic.new modsecurity_crs-plesk tortix tortix.backup
There is no file 00_asl_zz_strict.conf
I have fail2ban and try to install http-get-dos rule. but I have no way to make it work.
Here are my files :
# cat /etc/fail2ban/filter.d/http-get-dos.local
[Definition]
failregex = ^<HOST>.*"GET
ignoreregex =
[Code] ....
Then, when I start fail2ban, I have this thing :
2015-03-24 00:33:25,473 fail2ban.jail [7070]: INFO Creating new jail 'http-get-dos'
2015-03-24 00:33:25,473 fail2ban.jail [7070]: INFO Jail 'http-get-dos' uses Gamin
2015-03-24 00:33:25,474 fail2ban.jail [7070]: INFO Initiated 'gamin' backend
2015-03-24 00:33:25,475 fail2ban.filter [7070]: INFO Added logfile = /var/www/vhosts/mydomain1/logs/access_log
2015-03-24 00:33:25,476 fail2ban.filter [7070]: INFO Added logfile = /var/www/vhosts/mydomain2/logs/access_log
[Code] ....
So, I do not understand where is coming from the set max... then, in my iptables, I have all the Chains, but not the http-get-dos one :
# iptables -L | grep Chain | grep dos
and finally, I made some stress test, geneating more than 5000hits in 5 min, and no luck, nothing.
If I run failregex :
# fail2ban-regex /var/www/vhosts/mydomain1/logs/access_log /etc/fail2ban/filter.d/http-get-dos.local
Running tests
=============
Use failregex file : /etc/fail2ban/filter.d/http-get-dos.local
Use log file : /var/www/vhosts/mydomain1/logs/access_log
Results
=======
Failregex: 55044 total
|- #) [# of hits] regular expression
| 1) [55044] ^<HOST>.*"GET
`-
Ignoreregex: 0 total
Date template hits:
|- [# of hits] date format
| [55429] Day/MONTH/Year:Hour:Minute:Second
`-
Lines: 55429 lines, 0 ignored, 55044 matched, 385 missed
Missed line(s): too many to print. Use --print-all-missed to print all 385 lines
Did I miss something in fail2ban configuration ? is there any pb to add custom rule to fail2ban in plesk ?
very simple spamassassin rule that will do the following…
Give a score of 2
For the word test in the subject field
Then can you tell me where on the Plesk 12 server to place the file for server-wide filtering.
On attempting to select the configuration->filter option on RoundCube, we got the error message:
SERVICE CURRENTLY NOT AVAILABLE!
Error No. [501]
On /var/log/plesk-roundcube/errors we can see the following logs:
[06-Jun-2015 14:57:17 -0300]: PHP Error: SieveRules plugin: Unable to open default rule file in /usr/share/psa-roundcube/plugins/sieverules/sieverules.php on line 1523 (GET /roundcube/?_task=settings&_action=plugin.sieverules)
...
[06-Jun-2015 14:57:17 -0300]: PHP Error: SieveRules plugin: Unable to open example rule file in /usr/share/psa-roundcube/plugins/sieverules/sieverules.php on line 1560 (GET /roundcube/?_task=settings&_action=plugin.sieverules)
...
[06-Jun-2015 14:57:17 -0300]: PHP Error: Error loading template for sieverules.sieverules in /usr/share/psa-roundcube/program/include/rcmail_output_html.php on line 496 (GET /roundcube/?_task=settings&_action=plugin.sieverules)
When I hit my server's domain it redirects me to one of the hosted sites' domain with a 302 redirect. It used to return the default plesk server page. How can I cancel the redirect?
View 2 Replies View Relatedhow to use Modsec to block refer from .swf file like: X-flash DDOS.
Example:
Domain: xyz.com
X-flash site: [url]
On cpanel xyz.com we can see in List Last Visit many ip and refer with post and get from [url]How can we use modsec block request like this ?
I've have a problem with a server : we have create as usual certificate with Tools > SSL certificates.
When we want to put certificate with the domain, we don"t have the "Secure your sites" menu in the "websites and domains" sub category.
Why ? How can i activate the certificate with the domain ?
For a Magento shop I want assign a dedicated IP to a domain. When I choose this second IP in “Subscriptions” --> Change Hosting Settings” and then select this IP under “Tools and Settings --> IP Addresses” as dedicated (or shared too) for this domain, calling the domain results in the Webserver´s default Plesk Page.
The Shopsite is not shown, but was working well with the shared standard IP.
Calling the IP directly with the browser shows the start page of the shop in raw HTML ( no CSS ).
Choosing a link results in a “Not found” page.
I am trying to change the default php settings under domain (upload_max_filesize & post_max_size) but nothing happens. I am running PHP 5.5 in FastCGI. I also changed it to Centos default PHP (5.4.16) but nothing happens again. It only works when PHP runs as Apache module. The problem is on FastCGI Application.
My server: Centos 7, Plesk 12 Check the screenshot for installed components.
Plesk 12. Using the "Corporate/Business" -> "Power User view".
Where do you add a Domain Alias? The webspace has no option to add this and all documentation I've found so far seems to indicate there should be a button that says add domain or add domain alias.
How I create DNS in Plesk for a domain?
Dedicate server from server4you with centos.
There is some problem with my email and developer tell me this yesterday:
To view DNS records for a domain you need to (after loging in as admin) click on the domain name, then choose DNS Settings. Mx record is configured correctly there, but they are not taken into consideration.
You should change the nameservers from the registrar to the nameservers of your hosting. Right now the following are used: ns-canada.topdns.com. hostmaster.topdns.com .
They should be either the nameservers received from the hostings, or if you did not received any then you will have to create them, on the registrar side and on your hosting side.
So you should go to your registrar and change the nameservers for your domain. Do not just change the ip for the main A record. After you do this you will need to wait a while for the changes to propagate.
On my registrar have i set in my server ip but when him do a test here: [URL] ....
I want to setup a domain alias without www in front of it. A quite simple task in the past...but not with Plesk 12. So I have a service domain (for example: service.com) that I use for ALL clients. But each client has only a subdomain of it as alias in his account. so client1.service.com, client2.service.com....and so on. And only that subdomain...nothing more...for each account. How to achieve that in Plesk 12?
View 1 Replies View RelatedError: IP addresses for mail service of domain <domain> are not set..This is error I'm getting. It was working some time ago, but now I cannot create new domain.
View 19 Replies View RelatedIs there a way to see what domain is getting hit when I have a huge traffic spike? Not the daily report, but in real time? Like when it is happening?
View 1 Replies View RelatedIt seems to me that the panel is not DNS Template for any domain.
Plesk v. 12.0.18
How can I configure a domain in plesk panel in order to show the domain with www (www.domain.tld)
Is the propertie "Preferred domain" in plesk 11.5 but in plesk 11.0.9 does not exist. How can I configure this?
Is it possible to add a ssl to a IP number despite of domain name?
I would like to know if i can buy a ssl and set a IP on website address...
I can't find email option in my plesk panel
I have installed mail servers in components, and i see mail settings under server tab but i just cant figure out how to enable mail for specific domain
If i go to webmail.pedjaapps.net i opens default home page, webmail subdomain points to my servers ip address in DNS, roundcube is also enabled in webmails....
I'm running plesk 12.0.18 on centOS 6.6 and I have some problems with ipv6 support for a domain. This is what I see in my apache logs for that domain:
2001:8d8:90b:c900::2a:19d1 - - [29/Jun/2015:17:44:55 +0200] "GET /hello.html HTTP/1.0" 404 1208 "-" "facebookexternalhit/1.1 (+http://www.facebook.com/externalhit_uatext.php)"
2001:8d8:90b:c900::2a:19d1 - - [29/Jun/2015:17:49:39 +0200] "GET /hello.html HTTP/1.0" 200 384 "-" "curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.16.1 Basic ECC zlib/1.2.3 libidn/1.18 libssh2/1.4.2"
2001:8d8:90b:c900::2a:19d1 is the ipv6 from my server, and it appears there because of nginx working as reverse proxy.
As you can see, facebook can't get /hello.html (404 response), but I can get it from another server using curl (200 response). I tried disabling nginx and this is what I see now:
2a03:2880:2110:dff3:face:b00c:0:1 - - [29/Jun/2015:17:55:11 +0200] "GET /hello.html HTTP/1.1" 404 1208 "-" "facebookexternalhit/1.1 (+http://www.facebook.com/externalhit_uatext.php)"
2001:8d8:8b3:6000::4e:c5a0 - - [29/Jun/2015:17:54:52 +0200] "GET /hello.html HTTP/1.1" 200 361 "-" "curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.16.1 Basic ECC zlib/1.2.3 libidn/1.18 libssh2/1.4.2"
Still not able to get /hello.html. This is a problem for me because I can't share anything on facebook, since their bot can't find anything on my site.
I've already configured ipv6 for my domain.
I am migrating some clients between Plesk panels ...
After migrate 10 domains the Health monitoring growup from MSQL from 1gb to 4.5gb
All 10 websites are small, how can i see to identify which domain/subscription is consuming a lot of resources?
I just created a new Domain "bernhardlinz.de" at the
Plesk Panel -> Websites & Domains -> Add new Domain
After the Creation the new Domain does not appear under "Websites & Domains".
I check the domain with
Code:
/usr/local/psa/bin/domain -i bernhardlinz.de
And all looks fine like my other, older domains:
Code:
General
=============================
Domain name: bernhardlinz.de
Owner's contact name: Bernhard Linz (admin)
Domain status: OK
[Code] ....
I can see the domain under "Mails" and also create new mail accounts. There are no Errors for this under
Code:
/usr/local/psa/admin/logs/panel.log
As i try to add the domain first i got a
Code:
[11-Jul-2014 21:41:35 Europe/Berlin] PleskUtilException: mailmng-outgoing failed: ERROR:outgoing:database disk image is malformed
Which I removed with the
Code:
/usr/local/psa/admin/sbin/mchk
Command I found in the Plesk forum. After that i could add the domain.
I try a add another fantasy domain - also works but alos not displaying in Panel "Websites & Domains"
I take a look at the Plesk-Database "psa" with the Build-In "phpMyAdmin"
I take a look at the table "domains" and it looks like the other entries.
The Server was restored a few days before from a Backup. After the restore i had have the problem the "mysql" service did not start. I fixed the problem with the description from [URL] ... (Start mysql in recoverymode, export all data, delete the content of the whole mysql folder /var/lib/mysql folder, init new database and import the exported data). After that all looks fine.
A domain has become suspended for some unknown reason so the client's site is down (we're getting the Web Server's Default Page). The account limits have not been exceeded and it appears there's no logical reason why this should have happened. In any case I've tried changing the status within Plesk 11 but without success. I've also tried to access via SSH but I'm getting an access denied message even through the password being entered is correct.
View 1 Replies View RelatedI have a domain that has a ton of alias domains in my panel.
If I get it to show "All" entries per page, change it to "Active List", and get back to "Classic List", they show up correctly.
Nevertheless, I have to do it every single time I log in to the panel.
Pagination also doesn't seem to work in 10, 25 and 100 entries if I don't do that.
That started happening after some update on version 12.
Just updated to V12 and noticed you can't copy a database from one domain to another as easy as before. So doing any testing is much harder. Is this correct or am I missing something...
View 5 Replies View Relatedhow can i add a domain without spending slots (im limited to 10 domains)? Basicaly i want to add my own domains directly as vhost and do the rest using the panel. I want this to run only on nginx instead of apache.
View 7 Replies View RelatedError: IP addresses for mail service of domain xxxxxx.com are not set
View 3 Replies View RelatedI am skeptical of running mchk on my server and messing something up. I am having an issue with one domain hosted on my server getting 100's of duplicates from certain domains. My MagicSpam logs show that the email is sent to my server anywhere from every 15 minutes to 1 hour. It started out as one domain sender to my server to my client, now it is happening to a bunch of sending domains.
View 1 Replies View Related