How to block user-agents in Plesk Control Panel on Linux?

[Suhitha]

Question

How to block user-agents in Plesk Control Panel on Linux?


Answer

To block a specific user agent to reaching the Plesk control panel, use these steps:

• Edit the file /etc/sw-cp-server/conf.d/plesk.conf.
• Add the following configuration (where hello, world and helloworld are case-insensitive:

Code Select Expand

map $http_user_agent $badagent {
     default 0;
     ~*hello 1;
     ~*world 1;
     ~*helloworld 1;
}

• Now paste the if condition within the domain's (the "server" block, where sw-cp-server is listening) configuration file, e.g.:

Code Select Expand

if ($badagent) {
     return 403;
}

• You should have your file looking closer to this:

Code Select Expand

map $http_x_requested_with $error_doc_format {
     default html;
     XMLHttpRequest json;
}

map $http_x_forwarded_proto $original_proto {
 default $http_x_forwarded_proto;
     ""      $scheme;
}

map $http_user_agent $badagent {
    default         0;
    ~*hello     1;
    ~*world     1;
    ~*helloworld 1;
}

server {
 listen 8443 ssl;
     listen 8880;
     listen 127.0.0.1:8880 default_server;|
     include conf.d/*ipv6_ports.inc;
     http2 on;

     ssl_certificate /opt/psa/admin/conf/httpsd.pem;
     ssl_certificate_key /opt/psa/admin/conf/httpsd.pem;
     include conf.d/*plesk.inc;
     include conf.d/*wpb.inc;

     if ($badagent) {
          return 403;
     }
}

• Restart the Plesk frontend:

Note: the command will cause a brief downtime, while the frontend is being restarted:

Code Select Expand

# systemctl restart sw-cp-server
Make a non-redirect following query with a specified user agent. Now it will return 403:

Code Select Expand

# curl -Ik https://example.com:8443 -A "hello"
HTTP/2 403
server: nginx
date: Mon, 24 Mar 2025 19:29:54 GMT
content-type: text/html
content-length: 146