QuestionHow to block user-agents in Plesk Control Panel on Linux?
AnswerTo block a specific user agent to reaching the Plesk control panel, use these steps:
- Edit the file /etc/sw-cp-server/conf.d/plesk.conf.
- Add the following configuration (where hello, world and helloworld are case-insensitive:
map $http_user_agent $badagent {
default 0;
~*hello 1;
~*world 1;
~*helloworld 1;
}- Now paste the if condition within the domain's (the "server" block, where sw-cp-server is listening) configuration file, e.g.:
if ($badagent) {
return 403;
}- You should have your file looking closer to this:
map $http_x_requested_with $error_doc_format {
default html;
XMLHttpRequest json;
}
map $http_x_forwarded_proto $original_proto {
default $http_x_forwarded_proto;
"" $scheme;
}
map $http_user_agent $badagent {
default 0;
~*hello 1;
~*world 1;
~*helloworld 1;
}
server {
listen 8443 ssl;
listen 8880;
listen 127.0.0.1:8880 default_server;|
include conf.d/*ipv6_ports.inc;
http2 on;
ssl_certificate /opt/psa/admin/conf/httpsd.pem;
ssl_certificate_key /opt/psa/admin/conf/httpsd.pem;
include conf.d/*plesk.inc;
include conf.d/*wpb.inc;
if ($badagent) {
return 403;
}
}- Restart the Plesk frontend:
Note: the command will cause a brief downtime, while the frontend is being restarted:
# systemctl restart sw-cp-serverMake a non-redirect following query with a specified user agent. Now it will return 403:
# curl -Ik https://example.com:8443 -A "hello"
HTTP/2 403
server: nginx
date: Mon, 24 Mar 2025 19:29:54 GMT
content-type: text/html
content-length: 146