Knowledge Base

How to manage Web Application Firewall (ModSecurity) via CLI?

Question

How to manage Web Application Firewall (ModSecurity) via CLI?

Answer

Web Application Firewall (ModSecurity) management is available within the server_pref and subscription utilities.

For example:

In order to check ModSecurity status:
# plesk bin server_pref --show-web-app-firewall
To turn ModSecurity on:
# plesk bin server_pref --update-web-app-firewall -waf-rule-engine on
To turn ModSecurity on and select the OWASP ModSecurity Core Rule Set (CRS) rule set:
# plesk bin server_pref --update-web-app-firewall -waf-rule-engine on -waf-rule-set crs
To turn on the web application firewall settings for the website example.com:
# plesk bin subscription --update-web-app-firewall example.com -waf-rule-engine on
To update ModSecurity ruleset
# plesk daily UpdateModSecurityRuleSet

Refer to the following documentation articles for additional details:

Using command line utilities - server_pref
Using command line utilities - subscription

Related Posts

WordPress Firewall – Why Do You Need One?

Wordfence vs Sucuri – WordPress Security Plugins Comparison

Software Tools to Prevent Attacks on Servers and Sites

Knowledge Base

Unable to activate Modsecurity with Atomic Standard rules: modsecurity_ctl failed: Atomic Updater Modified (AUM) Installer (v6.0.0)

How to disable ModSecurity in Plesk?

ModSecurity Atomic rules update or activation fails: modsecurity_ctl failed: Atomic Updater Modified (AUM) Installer (v6.0.0)

WAF button not visible in the Security category for Customer and Reseller domains

Hosting Wiki