Set up X-Forwarded-For in Plesk

You are here:
Estimated reading time: 1 min

In Plesk, the X-Forwarded-For header is already included with all IP addresses of the server in the configuration files of all web server applications. If remoteip is not enabled yet, you need to enable remoteip. from Plesk.

  1. Go to Tools and settings
  2. Apache Web Server
  3. Tick in remoteip’s checkbox under Apache modules

Please also check the logformat in the file if it looks like this:

"%a %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined

After that is done please restart the web server

In some cases, the module might be not visible in which case you can check if the module is enabled with one of these commands depending on the operating system running on the server:

apache2ctl -M |grep remote
httpd -M |grep remote

Enable the WAF module

Now we can enable the WAF module if it was not enabled yet. You can enable the module from the Dashboard by clicking on the “Show modules” button and then click on the Switch button next to the WAF 2.0 module.

Settings

You can reach the WAF module’s settings by clicking on the Firewall menu point at the top then select the Web Application Firewall menu point.
Lets test WAF

You can test if the WAF module is working if you add /?test=/etc/passwd after one of the domains hosted on the server. e.g.: www.example.com/?test=/etc/passwd It will trigger the WAF module.

You can also test the module by following this GUIDE
Views: 271