Article ID: 121909, created on Jun 5, 2014, last review on Jun 6, 2014

  • Applies to:
  • Plesk 11.0 for Linux
  • Plesk 11.5 for Linux


PCI Compliance scan is failing on nginx due to CVE-2013-4547 that affects nginx 0.8.41 - 1.5.6 versions (fixed in nginx 1.5.7 and 1.4.4).


Plesk 11.0.9 and 11.5.30 are shipped with potentially vulnerable nginx versions (1.3 and 1.5 accordingly) although default nginx configuration is not affected. However if you have some nginx configuration customization in place it is recommended to apply workaround described in


The fix for assigned PPPM-1692 will be provided in the one of further updates. As a temporary workaround the following configuration can be used in each server{} block:

if ($request_uri ~ " ") {
    return 444;

Another possible solution is to upgrade Plesk to the latest 12.0.18 version that is shipped with nginx 1.6 version.

Search Words



PCI Compliance

plesk pci

a914db3fdc7a53ddcfd1b2db8f5a1b9c 56797cefb1efc9130f7c48a7d1db0f0c 01bc4c8cf5b7f01f815a7ada004154a2 29d1e90fd304f01e6420fbe60f66f838 0a53c5a9ca65a74d37ef5c5eaeb55d7f aea4cd7bfd353ad7a1341a257ad4724a

Email subscription for changes to this article
Save as PDF