How to Set Up Plesk to Work as Apache for WP Ghost Path Security
June 30, 2023
This tutorial has moved to the new WP Ghost Knowledge Base where each feature is presented in detail.
If your hosting uses Plesk with Nginx, configure Plesk to pass all requests through Apache so WP Ghost can write its path security and firewall rules to .htaccess. Then set the server type to Apache in WP Ghost settings.
Why This Configuration Is Needed
Many Plesk hosting environments run Nginx as a front-end proxy with Apache handling the backend. By default, Nginx may serve static files (CSS, JS, images) directly, bypassing Apache entirely. This means .htaccess rules never apply to those requests, and WP Ghost’s path security and firewall rules will not work correctly for static content.
The solution is to configure Plesk so that Apache handles all content, both static and dynamic. Nginx still acts as a reverse proxy in front of Apache, but it passes every request through instead of serving static files on its own. This lets WP Ghost write all its rewrite rules to .htaccess and have them apply to every request.
If you prefer to keep Nginx handling static files for performance reasons, you can configure WP Ghost for Nginx instead. See the Nginx Server Setup guide for that approach.
Step 1 – Configure Plesk to Pass All Requests Through Apache
1. Log into Plesk as an administrator.
2. Go to Websites & Domains and click Apache & nginx Settings for your domain.
3. Scroll down to the nginx settings section.
4. Check the Proxy mode checkbox. This enables Nginx to act as a reverse proxy that forwards all requests to Apache.
5. Uncheck the Smart static files processing checkbox. This ensures static files are not handled by Nginx separately.
6. Uncheck the Serve static files directly by nginx checkbox. This tells Nginx to pass all static file requests to Apache for handling.
7. Click Apply to save the changes.
With these settings, Apache handles all content while Nginx acts as a transparent reverse proxy. This is the configuration that gives WP Ghost full control over path security through .htaccess rules.
For the full Plesk documentation on this configuration, see: Plesk – Serve All Content via Apache.
Step 2 – Set the Server Type in WP Ghost
Now that Plesk is configured to use Apache for all requests, tell WP Ghost to use Apache-specific rules.
1. Log into your WordPress dashboard.
2. Go to WP Ghost > Change Paths.
3. Scroll down to the Rewrite Rules section and find the Server Type option.
4. Select Apache from the dropdown.
5. Click Save.
WP Ghost now writes all its path security and firewall rules to the .htaccess file, which Apache reads for every incoming request.
Step 3 – Activate Path Security and Verify
1. Still in WP Ghost > Change Paths, select Safe Mode or Ghost Mode (Premium).
2. Customize your paths as needed and click Save.
3. Click the Frontend Login Test to verify your new login path loads correctly.
4. Open your site in an incognito browser and confirm the old paths (like /wp-admin/ and /wp-login.php) return 404 errors.
5. Run a Security Check at WP Ghost > Security Check to confirm everything is configured correctly.
For the full recommended configuration, see the WP Ghost Settings Best Practice guide.
Performance Considerations
Routing all static files through Apache instead of letting Nginx serve them directly may have a small performance impact on high-traffic sites. Nginx is generally faster at serving static files. However, for most WordPress sites the difference is negligible, and the security benefit of having full .htaccess control far outweighs the minor performance trade-off.
If performance is critical and you want Nginx to continue serving static files, configure WP Ghost for Nginx instead of Apache. This requires adding WP Ghost’s rewrite rules to your Nginx configuration file. See the Nginx Server Setup guide or the Custom Nginx Config File tutorial.
Frequently Asked Questions
Can I use WP Ghost on Plesk without switching to Apache mode?
Yes, but you will need to configure WP Ghost for Nginx instead. This requires adding rewrite rules to your Nginx configuration manually or through the Plesk “Additional nginx directives” field. The Apache approach described above is simpler because WP Ghost writes .htaccess rules automatically.
Will this configuration break anything on my site?
No. Switching Plesk to Apache-only mode is a supported configuration and will not break your WordPress site. Nginx continues to run as a reverse proxy in front of Apache, so your site remains accessible. The only change is that Apache now processes all requests instead of Nginx handling static files separately.
How do I know if my Plesk server is using Apache or Nginx?
Go to Websites & Domains > Apache & nginx Settings in Plesk. If you see the Nginx settings section with proxy mode and static file options, your server runs both Nginx and Apache. If there is no Nginx section, your server runs Apache only and you do not need this configuration step.
Does WP Ghost modify WordPress core files?
No. WP Ghost uses server rewrite rules (.htaccess on Apache, config files on Nginx) and WordPress hooks. No core files are moved, renamed, or modified. Deactivating the plugin restores all default paths instantly.
