Support » Plugin: WP Cerber Security, Anti-spam & Malware Scan » Apache mod_rewrite module is not enabled – using nginx

  • Hi Gregory,

    I found that this topic has been adressed before, and (sadly) it didn’t sound like you intend to support nginx. Nevertheless, nginx is still a lot faster and leaner than Apache, and for some time Plesk has offered an option to use only nginx, and dispense with Apache completely. I had been doing that even before Plesk offered it, using custom Plesk templates. I have also developped a lot of nginx configs (under Plesk) for various applications. So it seems like I’ve become an nginx fan.

    As I was configuring Cerber now, I got the message above. Worse, the message does not come for suppressing PHP und “uploads” – Cerber just deposits a .htaccess at that location, without checking if Apache is in use. In my case, it’s still installed on the server, but has an empty configuration. I would view this as something which needs fixing, at least in the sense of giving user feedback that a Cerber feature does not work.

    I have got used to the way iThemes Security handles this question: It writes out a file “nginx.conf” in the WP webroot, and my own nginx config file includes that one. Of course I could put most of those rules in my own config file, but some of them are not static, such as ones which block malicious IPs, or Hackrepairs list – I’m more than happy to leave it to iTS to keep such things current.

    I had been hoping to replace iTS completely with WP Cerber (and Clearfy) – can you imagine writing out rules for nginx? If not, at least please check all rules which rely on Apache and warn the user if those features are not working – basically, I need to know what I have to do myself or with other plugins.

    BTW the IP-blocking I plan to take care of with Cerber’s feature to feed Fail2ban, so that can be removed from “my” problem list 🙂

    Another BTW: It did cross my mind to reverse-proxy to Apache for those sites using Cerber. But the problem here is, they are on a baremetal server with quite a few other sites, and my Plesk Custom Templates completely chop out all Apache configuration…

    Last thing: I’m working for a client and I do believe he (Michael Räumelt) already has a Pro license (I asked them to get one), but I don’t have the details yet, which is why I’m posting here.

    Another last thing: From what I’ve seen of Cerber up to now I’m already a fan, it’s only this one issue I have )-:

    Cheers, Tim

Viewing 5 replies - 1 through 5 (of 5 total)
  • I use Kinsta (nginx) and this plugin has caused issues with my mediapress galleries. I removed the plugin, but can’t figure out how to get my images back up. Can you perhaps point in me in the right direction, please?

    Thread Starter Tim Reeves

    (@tim-reeves)

    To add to my “evidence” that we need to take Nginx seriously: I just noticed a link in standard WP on one of the settings pages (permalinks) about nginx, leading to this article. There they also describe a pure nginx config (no apache).

    Plugin Author Gregory

    (@gioni)

    I promise we will consider all possible ways to make WP Cerber more compatible with NGINX soon. I’m not an expert in NGINX, but from my understanding, since there is no mechanism like .htaccess files, you need to reload NGINX to force it to pick up all the changes in the config files. That’s frustrating.

    Thread Starter Tim Reeves

    (@tim-reeves)

    I was just grinding my teeth, as it looked like I’ll have to keep running iTS (iThemes Security) in parallel with Cerber. And then –

    Great, thanks for this, Gregory! Yeah, you could look at iTS and also W3TC, they both handle nginx, both writing a denoted own section of nginx config statements to <webroot>/nginx.conf. So if you stick with that, everyone will be writing a section to the same “extra” file, which admins then need to “include” in their own nginx config. This is a pretty standard procedure, and Plesk offers a dedicated place to link in own nginx config files. I admit it’s all a bit unfamiliar at the start, and nginx syntax does take a bit of getting used to.

    Regarding the static config of nginx needing to be reloaded when changed – yes, this is correct. This is by efficient design, to not to have to wander through all the folders in the path to a file looking for changed config, every time you want to serve a file! iTS handles this quite sweetly, with a slide-in little window reminding you to restart nginx every time it writes to the nginx.conf file.

    After initial “walkabout” getting my head around the diffentness of nginx, over time I have become a definite fan. Almost 5 years ago a wrote an article (PDF) on using Nginx with Plesk – in German (if you happen to read German).

    In the wonderful world of Open Source your best bet is probably to first bone up a bit in general, then look at what iTS does, which I’ve been using for a few years and it’s nginx code seems just fine. If you need a beta tester, here I am. Greetings from near Hanover, Germany, to the US of A.

    Tim

    Thread Starter Tim Reeves

    (@tim-reeves)

    BTW one thing to be careful on is detecting if nginx is in use. You could look in the other plugins which do so – and now, also in WP itself.

Viewing 5 replies - 1 through 5 (of 5 total)
  • You must be logged in to reply to this topic.