Facebook
TwitterJeffreyReed
New Pleskian
- Server operating system version
- AlmaLinux 9.6
- Plesk version and microupdate number
- Plesk Obsidian 18.0.73.3
Hey Everyone,
We’ve been troubleshooting an issue where ModSecurity simply refuses to trigger or apply the Atomic Advanced Ruleset on our Plesk Obsidian (latest build) server running AlmaLinux 9. The license is active and confirmed under Tools & Settings → Web Application Firewall, set to “Atomic Advanced (bought from Plesk)” with the mode set to “On (Blocking)”.
We can ping and trace ka.plesk.com successfully, and have already tried:
Despite all that, the Atomic ruleset never appears as installed —
plesk sbin modsecurity_ctl --ruleset-installed --ruleset atomic returns not installed, and trying to install it results in MODSEC_VENDOR_LOGIN exit status 1.
We’ve verified outbound connectivity, confirmed the Plesk license is active, and validated that the server can reach both Plesk and Atomic endpoints. At this point, it feels like Plesk isn’t actually pulling the ruleset from Atomic even though the license is valid.
Additionally, while troubleshooting, ModSecurity broke our debug/logging folder entirely — we had to fully disable and re-enable ModSecurity just to restore logging functionality.
Has anyone run into this recently on AlmaLinux 9 or found a workaround to get the Atomic Advanced ruleset to actually download and trigger correctly? Any insight or experience would be greatly appreciated!
I see in the logs as well that it says AtomicRuleset but I don't see it applied within my server itself.
Some logs:
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); AtomicRuleset.
Server: Apache
Engine-Mode: "ENABLED"
Thanks
Jeffrey Reed Jr.
We’ve been troubleshooting an issue where ModSecurity simply refuses to trigger or apply the Atomic Advanced Ruleset on our Plesk Obsidian (latest build) server running AlmaLinux 9. The license is active and confirmed under Tools & Settings → Web Application Firewall, set to “Atomic Advanced (bought from Plesk)” with the mode set to “On (Blocking)”.
We can ping and trace ka.plesk.com successfully, and have already tried:
- Disabling and re-enabling ModSecurity multiple times
- Switching between OWASP, Comodo, and Atomic rulesets
- Restarting Apache and Nginx
- Running plesk sbin modsecurity_ctl --apply-config, --enable-ruleset --ruleset atomic, and similar commands
- Re-authenticating the Atomic vendor login
- Resetting the ModSecurity configuration completely
Despite all that, the Atomic ruleset never appears as installed —
plesk sbin modsecurity_ctl --ruleset-installed --ruleset atomic returns not installed, and trying to install it results in MODSEC_VENDOR_LOGIN exit status 1.
We’ve verified outbound connectivity, confirmed the Plesk license is active, and validated that the server can reach both Plesk and Atomic endpoints. At this point, it feels like Plesk isn’t actually pulling the ruleset from Atomic even though the license is valid.
Additionally, while troubleshooting, ModSecurity broke our debug/logging folder entirely — we had to fully disable and re-enable ModSecurity just to restore logging functionality.
Has anyone run into this recently on AlmaLinux 9 or found a workaround to get the Atomic Advanced ruleset to actually download and trigger correctly? Any insight or experience would be greatly appreciated!
I see in the logs as well that it says AtomicRuleset but I don't see it applied within my server itself.
Some logs:
Producer: ModSecurity for Apache/2.9.12 (http://www.modsecurity.org/); AtomicRuleset.
Server: Apache
Engine-Mode: "ENABLED"
Thanks
Jeffrey Reed Jr.
