Mod Security installer is used for preventing the attacks on web applications. Mod security will check your requests from web application and produces the response against the application. If the check fails then it will take appropriate action.
Installation of Mod Security on Plesk 12 admin panel -
1. Login to your Plesk admin panel.
2. Click on Tools and Settings on left hand side.
3. Click on Updates and Upgrades on the right hand side. New window will open here.
4. Here, it will ask root password, so make sure you will have the root password. Enter it.
5. Click on Add and Remove Product Components.
6. Select Plesk hosting features >> Select ModSecurity Web Application Firewall for Apache.
7. Click on Install option on the bottom of the page.
Once done, you will get the confirmation box of successful installation.
Configuration of Mod Security on Plesk 12 admin panel -
1. Follow Tools and Settings >> Security >> Web Application Firewall Mod(ModSecurity)
2. You will get three modes of mod security here as below -
i. Off -
If you will select this option then it will not check your HTTP request and responses.
ii. Detection Only -
It will check your each HTTP request and equivalent responses against the defined set of rules. If the request get validates then it will be passed for web-content, else event will be logged without any further action.
iii. On -
It will check your each HTTP request and equivalent responses against the defined set of rules. If the request get validates then it will be passed for web-content, else event will be logged and error notification is sent with HTTP response with error code.
You can select any of the option as per your choice. You should take trial of the set of defined rules for some period then you can apply to live server.
3. Now, select the rule set which you would like to apply. By default 'Atomic Basic ModSecurity Rule' is defined.
4. Enable 'Update rule sets' and set it to weekly.
5. Now, you have three options as below under Configuration as Fast, Tradeoff and Thorough -
1. Fast - It will analyze the HTTP URI and headers.
2. Tradeoff - It will analyze the HTTP URI, headers and request POST data.
3. Thorough - It will analyze the HTTP URI, headers,request, POST data and HTTP response body.
Each option will require the more CPU resources so you can select the option as per your choice.
6. Click on 'OK' option to apply the settings. This will automatically restart Apache and load the new ModSecurity settings.