• Our team is looking to connect with folks who use email services provided by Plesk, or a premium service. If you'd like to be part of the discovery process and share your experiences, we invite you to complete this short screening survey. If your responses match the persona we are looking for, you'll receive a link to schedule a call at your convenience. We look forward to hearing from you!
  • We are looking for U.S.-based freelancer or agency working with SEO or WordPress for a quick 30-min interviews to gather feedback on XOVI, a successful German SEO tool we’re looking to launch in the U.S.
    If you qualify and participate, you’ll receive a $30 Amazon gift card as a thank-you. Please apply here. Thanks for helping shape a better SEO product for agencies!
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

Forwarded to devs Micro-Update 68 issue - WAF not activated after applying MU #68

T

trialotto

Golden Pleskian
Plesk Guru
TITLE:
Micro-Update 68 issue - WAF not activated after applying MU #68
PRODUCT, VERSION, OPERATING SYSTEM, ARCHITECTURE:
All of them, I suppose
PROBLEM DESCRIPTION:
WAF not activated after applying MU #68​
STEPS TO REPRODUCE:
Run the command : plesk sbin autoinstaller​
ACTUAL RESULT:
WAF is off, even though it was set to on before.​
EXPECTED RESULT:
It is to some extent expected behaviour : package libapache2-modsecurity is removed and replaced afterwards by package libapache2-modsecurity-plesk.

No problem there.

However, people will not be aware of the fact that the WAF is not active.

In my humble opinion, this is an urgent matter : servers are exposed, while the server owners or maintainers are expecting to have a working WAF.​
ANY ADDITIONAL INFORMATION:
YOUR EXPECTATIONS FROM PLESK SERVICE TEAM:
Confirm bug
 
Hi, trialotto!
Can you check the following commands:
Code: 
# plesk sbin modsecurity_ctl --status
Enabled
# apache2ctl -M | grep security2
 security2_module (shared)

We have known issue that modsecurity status is displayed incorrectly in Web UI (as "Off") but actually modsecurity is enabled and working.
I will ask about backporting fix for this issue in 17.8.11.
 
@Alxndr.V

Thanks for the reply - but there might be a problem : I have tested on 5 or 6 servers (read: live copies of production servers) with different settings and they are now configured properly. In short, I cannot do a valid test anymore - it is difficult to replicate after applying MU68.

I am pretty sure (99,99% sure) that (one the one hand) modsecurity was disabled on all servers and (on the other hand) some servers were demonstrating a conflict with modsecurity package, one conflict being related to the aum package (read: not a relevant issue, I deliberately tested with a different setup / config) and another conflict being related to failures to clean packages when removing config (read: I deliberately tested what happened if the plesk modsecurity package was uninstalled and reinstalled, with the endresult being that config files were left behind that prevented Apache to start - again, a not so relevant issue).

In brief, if I am not mistaken, modsecurity was disabled.

By the way, I noticed some issues with Imunify360 extension and / or I am aware of the known issue of "incorrect display" and / or it should be the case that Atomicorp ModSec rules are supported in Ubuntu 18.0.x (but there is not an option for that in the Plesk Panel) - can we discuss these things in a private conversation?

Kind regards..........
 
You must log in or register to reply here.

Similar threads

C
Issue 502 Bad Gateway - after applying updates
Replies
2
Views
3K
CChris
C
Bitpalast
Automatic upgrade vom 18.0.31 to 18.0.32 despite setting that only micro updates shall auto-install
Replies
6
Views
3K
moswak
M
T
Forwarded to devs Docker extension issue - docker daemon running continuously, even after uninstall
Replies
2
Views
2K
AYamshanov
AYamshanov
B
Issue Webpages are no longer reachable after update from 17.8 to 18.0
Replies
0
Views
2K
Brovning
B
D
Firewall rules not applied after reboot
Replies
0
Views
1K
Deagan
D
Back
Top