How to block user-agents in Plesk Control Panel on Linux?

Started by Suhitha, Aug 09, 2025, 05:24 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions

Suhitha

Aug 09, 2025, 05:24 AM
Question

How to block user-agents in Plesk Control Panel on Linux?


Answer

To block a specific user agent to reaching the Plesk control panel, use these steps:

  • Edit the file /etc/sw-cp-server/conf.d/plesk.conf.
  • Add the following configuration (where hello, world and helloworld are case-insensitive:
  • Code Select
    map $http_user_agent $badagent {[/li]
    [li]     default 0;[/li]
    [li]     ~*hello 1;[/li]
    [li]     ~*world 1;[/li]
    [li]     ~*helloworld 1;[/li]
    [li]}[b][/b]
  • Now paste the if condition within the domain's (the "server" block, where sw-cp-server is listening) configuration file, e.g.:
  • Code Select
    if ($badagent) {[/li]
    [li]     return 403;[/li]
    [li]}[b][/b]
  • You should have your file looking closer to this:
  • Code Select
    map $http_x_requested_with $error_doc_format {[/li]
    [li]     default html;[/li]
    [li]     XMLHttpRequest json;[/li]
    [li]}[/li]
    [li][/li]
    [li]map $http_x_forwarded_proto $original_proto {[/li]
    [li] default $http_x_forwarded_proto;[/li]
    [li]     ""      $scheme;[/li]
    [li]}[/li]
    [li][/li]
    [li]map $http_user_agent $badagent {[/li]
    [li]    default         0;[/li]
    [li]    ~*hello     1;[/li]
    [li]    ~*world     1;[/li]
    [li]    ~*helloworld 1;[/li]
    [li]}[/li]
    [li][/li]
    [li]server {[/li]
    [li] listen 8443 ssl;[/li]
    [li]     listen 8880;[/li]
    [li]     listen 127.0.0.1:8880 default_server;|[/li]
    [li]     include conf.d/*ipv6_ports.inc;[/li]
    [li]     http2 on;[/li]
    [li][/li]
    [li]     ssl_certificate /opt/psa/admin/conf/httpsd.pem;[/li]
    [li]     ssl_certificate_key /opt/psa/admin/conf/httpsd.pem;[/li]
    [li]     include conf.d/*plesk.inc;[/li]
    [li]     include conf.d/*wpb.inc;[/li]
    [li][/li]
    [li]     if ($badagent) {[/li]
    [li]          return 403;[/li]
    [li]     }[/li]
    [li]}[b][/b]
  • Restart the Plesk frontend:
  • Note: the command will cause a brief downtime, while the frontend is being restarted:
  • # systemctl restart sw-cp-server
  • [/b]
  • Make a non-redirect following query with a specified user agent. Now it will return 403:
  • # curl -Ik https://example.com:8443 -A "hello"
  • HTTP/2 403
  • server: nginx
  • date: Mon, 24 Mar 2025 19:29:54 GMT
  • content-type: text/html
  • content-length: 146[/b]
Print
Go Up Pages1
User actions