Web Application Firewall

Plesk provides an integrated Web Application Firewall feature via mod_security. This is an advanced feature, so by default it’s turned off.

When you come to enable it (Tools & Settings > Security > Web Application Firewall), you’ll notice that in addition to a Detection only mode (to preview which requests would be blocked), you can also choose from a variety of different predefined Rule sets, or define your own custom rules.

Creating and maintaining security rules that are effective at blocking malicious traffic whilst also allowing your legitimate traffic to flow freely is a difficult and time consuming task. Thankfully, others are already doing this for you! However, not all rule sets are equal.

Here we compare the two most popular options, both powered by Atomic: Basic ModSecurity (free), and Advanced ModSecurity Rules (provided by the Security Core Complete subscription add-on):

Feature Basic ModSecurity Advanced ModSecurity Rules
SQL injection Yes Yes
Cross-site scripting (XSS Yes Yes
Remote file inclusion (RFI) Yes Yes
Local file inclusion (LFI) Yes Yes
Command injection Yes Yes
Virtual patching Limited Yes
Malware  
Advanced protection for WordPress, Joomla, Drupal, and Magento No Yes
Malicious website code suppression No Yes
Web shell blocking No Yes
Brute force protection No Yes
PCI-DSS compliance No Yes
Data loss protection No Yes
Bot protection  
Malicious bots No Yes
Comment form spam No Yes
False positives  
Advanced false positive prevention No Yes
Real time correction to false positive rules No Yes
Search engine spider whitelist No Yes
Anti-evasion protection No Yes
Manual override (whitelisting) No Yes
Updates  
Real time blacklists No Yes
Crowd sourced threat intelligence No Yes
Rules updated multiple times per day No Yes

14
2885

Need More Help?

If you're still having problems, get in touch with our 24/7 support team! We'll be more than happy to help.