Resolved 403 - Forbidden: Access is denied for PUT and PATCH Request

[AV0408]

Server operating system version

Microsoft Windows Server 2019

Plesk version and microupdate number

18.0.55 Update #2

Hi, I recently deployed .Net Core Web API on Plesk and once I try to use PATH and PUT methods I'm getting 403 Error.



But the POST and GET are working

 

[hitesh-wappnet]

I got the similar issue in my Nest JS API. PUT,PATCH,DELETE methods gives 403 - Forbidden error.
Solution :
Go to Plesk -> 'Tools & Settings' -> Web Application Firewall (ModSecurity) -> Settings
- Rule set : Atomic Standard

This worked for me.

 

[Peter Debik]

Switching the ruleset might not be necessary. For one case, another ruleset might work, but it may create false positives in other cases.

Instead, examine the error_log entry where the 403 error is logged. It will mention an [ID .......] field. This is the rule ID that triggered the 403 block. You could at it as an exception to the rule exceptions in the "Web Application Firewall" dialog page.

 

[hitesh-wappnet]

Okay, I have again enabled Rule set : OWASP . In my case, I have deactivated 'OWASP_CRS' Rule and everything is working as expected.
Thank you for the correct solution.