PortuguêsSetting up a Web Application Firewall (WAF) in Plesk adds an extra layer of security to your websites by filtering and monitoring HTTP traffic between a web application and the Internet. Here's how you can set up a WAF in Plesk:
-
Access Plesk Panel:
- Log in to your Plesk Panel as an administrator.
-
Install ModSecurity:
- ModSecurity is an open-source WAF engine that integrates with web servers to provide real-time application security.
- Go to "Tools & Settings" > "Updates and Upgrades" > "Add/Remove Components".
- Check the box next to "Web hosting features" > "ModSecurity" and click "Continue".
-
Enable ModSecurity:
- Once installed, go to "Tools & Settings" > "Web Application Firewall (ModSecurity)".
- Click on "Switch On" to enable ModSecurity for the server.
- You can also enable ModSecurity for specific domains by navigating to "Websites & Domains" > "Domain" > "Web Application Firewall".
-
Customize ModSecurity Rules:
- Plesk allows you to customize ModSecurity rules to meet the specific needs of your websites.
- Go to "Tools & Settings" > "Web Application Firewall (ModSecurity)" > "Settings".
- Adjust the rule sets and sensitivity levels based on your requirements.
- You can also create custom rules or whitelist/blacklist certain requests.
-
Monitor ModSecurity Logs:
- Monitor ModSecurity logs regularly to identify and mitigate potential security threats.
- Go to "Tools & Settings" > "Web Application Firewall (ModSecurity)" > "Logs" to view ModSecurity logs.
-
Test ModSecurity Rules:
- After configuring ModSecurity rules, it's essential to test them to ensure they are not blocking legitimate traffic.
- You can simulate various types of attacks and monitor ModSecurity logs to verify that the rules are functioning correctly.
-
Review and Fine-Tune Rules:
- Regularly review ModSecurity logs and fine-tune rules as needed to optimize security and minimize false positives.
- Adjust rule sets, sensitivity levels, and custom rules based on observed traffic patterns and security requirements.
-
Automate Updates:
- Configure automatic updates for ModSecurity rule sets to ensure that your WAF is always up-to-date with the latest security protections.
- Plesk provides options to enable automatic updates for ModSecurity rule sets in the "Web Application Firewall (ModSecurity)" settings.
-
Regular Maintenance:
- Perform regular maintenance tasks, such as reviewing logs, updating rule sets, and testing configurations, to ensure the effectiveness of your WAF.
By following these steps, you can set up and configure a Web Application Firewall (WAF) in Plesk to enhance the security of your web applications and protect them from common web-based attacks.
