Question
ModSecurity Atomic Standard (previously called Atomic Basic) ruleset was installed.
How to test if it works correctly?
Answer
1. Log in to Plesk.
2. Go to Tools & Settings > Web Application Firewall and set the Web application firewall mode directive to the On value.
3. Navigate to Tools & Settings > Web Application Firewall > Settings, switch rules to the Atomic Standard ModSecurity rule set and set the Predefined set of values directive to the Fast value.
4. Connect to the server using SSH.
5. Get the list of domains by using the command below and choose one of them for the next step:
# plesk bin domain --list
example.com
6. Perform the test (replace example.com with the actual domain name):
Note: because redirects to HTTPS and/or to WWW can be configured for the domain, it is required to run all of the commands below. Some of them can return 301 Moved Permanently, which only means that a redirect is configured for that website page.
# curl -IkL "http://example.com/?abc=../../"
HTTP/1.1 200 OK
# curl -IkL "http://www.example.com/?abc=../../"
HTTP/1.1 200 OK
# curl -IkL "https://example.com/?abc=../../"
HTTP/1.1 200 OK
# curl -IkL "https://www.example.com/?abc=../../"
HTTP/1.1 403 Forbidden
Server: nginx
...
# curl -IkL "https://example.com/?q='1%20OR%201=1"
HTTP/1.1 403 Forbidden
Server: nginx
...
If, after all of the commands above have been executed, the 403 Forbidden error was returned, ModSecurity is working correctly.
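The checks from step 6 as one script (an added example, not part of the original article or of Plesk's tooling): it sends the same requests and reports the status of the last response in each redirect chain, so an intermediate 301 is not mistaken for the result. The function names and the sample output are constructed for illustration; pass your own domain as the first argument.

```shell
#!/bin/sh
# Added example: summarise the article's `curl -IkL` checks per URL.

# final_status: read `curl -I` output on stdin. With -L there is one header
# block per redirect hop; print the status code of the last hop only.
final_status() {
    tr -d '\r' | awk '/^HTTP\// { code = $2 } END { if (code != "") print code }'
}

# verdict CODE: 403 means the request was rejected, as the article expects.
verdict() {
    case "$1" in
        403) echo "BLOCKED" ;;
        "")  echo "NO-RESPONSE" ;;
        *)   echo "NOT-BLOCKED" ;;
    esac
}

# check_domain DOMAIN: run the article's requests against every scheme/host
# variant and print URL, final status and verdict on one line each.
check_domain() {
    d=$1
    for url in \
        "http://$d/?abc=../../" \
        "http://www.$d/?abc=../../" \
        "https://$d/?abc=../../" \
        "https://www.$d/?abc=../../" \
        "https://$d/?q='1%20OR%201=1"
    do
        code=$(curl -sIkL --max-time 15 "$url" | final_status)
        printf '%-42s %-5s %s\n' "$url" "${code:-none}" "$(verdict "$code")"
    done
}

# sample_output: constructed curl output (a 301 hop followed by a 403),
# used for an offline demonstration when no domain is given.
sample_output() {
    printf 'HTTP/1.1 301 Moved Permanently\r\nLocation: https://www.example.com/?abc=../../\r\n\r\n'
    printf 'HTTP/1.1 403 Forbidden\r\nServer: nginx\r\n\r\n'
}

if [ $# -gt 0 ]; then
    check_domain "$1"
else
    code=$(sample_output | final_status)
    echo "sample: final status $code -> $(verdict "$code")"
fi
```

A NOT-BLOCKED line for a variant that the server actually serves means the request reached the site without being rejected, so check the firewall mode and rule set from steps 2 and 3.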