I recently upgraded to PLESK 12.5.
I am having a number of issues with ASL that I am not sure how to resolve.
Firstly I am unable to access to the ASL web interface.
I get the following error:
This site uses HTTP Strict Transport Security (HSTS) to specify that Firefox only connect to it securely.
As a result, it is not possible to add an exception for this certificate.
i edited /var/asl/etc/httpd/conf.d/ssl.conf
and commented the following lines.
Code: Select all
#Header add Strict-Transport-Security "max-age=15768000;includeSubDomains"
#Header always append X-Frame-Options SAMEORIGIN
#2 Nginx , php-fpm, mod_security
All mod_security entries report the client as the host server and not the actual IP of the offender.
Code: Select all
[Sun Sep 06 21:16:20 2015] [error] [client xxx.xxx.xxx.xxx] ModSecurity: [file "/etc/httpd/modsecurity.d/99_asl_jitp.conf"] [line "313"] [id "336468"] [rev "2"] [msg "Atomicorp.com WAF Rules - Virtual Just In Time Patch: Google Maps plugin for Joomla probe"] [severity "CRITICAL"] Access denied with code 403 (phase 1). Match of "beginsWith %{request_headers.host}" against "TX:1" required. [hostname "www.abcd.co.za"] [uri "/plugins/system/plugin_googlemap2/plugin_googlemap2_proxy.php"] [unique_id "VeyRBMXdE@IAAFYYn7YAAAAA"]
I have the following mod_security installed.
Code: Select all
rpm -qa | grep mod_security
mod_security-2.9.0-25.el6.art.x86_64
rpm -qa | grep plesk-mod*
plesk-modsecurity-crs-12.5.29-centos6.15081418.x86_64
plesk-modsecurity-configurator-12.5.30-cos6.build1205150826.19.noarch
Any suggestion or ideas will be great!
Plesk will install its own ModSecurity package. However, during the pre-upgrade check Plesk Installer will ask you if you agree that Plesk ModSecurity can be installed on top of your existing installation.
Your existing ModSecurity configuration is left as is. However, there are many distributions and configurations for ModSecurity, so it is hard to predict how old and new configurations may conflict. To avoid problems, save your existing configuration and uninstall ModSecurity before upgrading to Plesk 12 (or before installing Plesk's ModSecurity).