• Our team is looking to connect with folks who use email services provided by Plesk, or a premium service. If you'd like to be part of the discovery process and share your experiences, we invite you to complete this short screening survey. If your responses match the persona we are looking for, you'll receive a link to schedule a call at your convenience. We look forward to hearing from you!
  • We are looking for U.S.-based freelancer or agency working with SEO or WordPress for a quick 30-min interviews to gather feedback on XOVI, a successful German SEO tool we’re looking to launch in the U.S.
    If you qualify and participate, you’ll receive a $30 Amazon gift card as a thank-you. Please apply here. Thanks for helping shape a better SEO product for agencies!
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

Cannot activate atomic basic modsecurity

Franco

Regular Pleskian
Hi, it all started after upgrading to Plesk 12.5 (now on 12.5.30 update 48). I could no longer enable firewall rules the way it used to be with 12.0. When I do I get the following: Error: The firewall rules management has not been enabled.
I cannot find clues in various psa logs and forums, this is still a problem. I thought it might be due modsecurity which was not installed and I then installed it. However, when I try and enable the fist option, atomic basic rule set I get the following:

Error: modsecurity_ctl failed: /usr/local/psa//admin/sbin/httpd_modules_ctl: line 109: /etc/httpd/conf/httpd-ori.conf
/etc/httpd/conf/httpd.conf.new: No such file or directory
cat: /etc/httpd/conf/httpd-ori.conf
/etc/httpd/conf/httpd.conf: No such file or directory
mv: cannot stat `/etc/httpd/conf/httpd-ori.conf\n/etc/httpd/conf/httpd.conf.new': No such file or directory
START httpd_modules_ctl --enable security2,unique_id

Of course I followed the suggested knowledge based article which forces you to reisntall modsecurity, but I get the same end result.

Any clues, please? These might be 2 different problems, or course, or perhpas they have the same root cause, that's why I am kind of keeping them together here.
 
Some progress. I had noticed the following error in wordpress logs:
ModSecurity: ModSecurity requires mod_unique_id to be installed.

I then uncommented the mod_unique_id line in httpd conf and restarted httpd. Now I can enable modsecurity in Plesk. Remains the original problem, the firewall management rules that cannot be set from Plesk. Any idea?

Btw, I am on CentOs 6.7.
 
Hi all, here is the solution that worked for me and might be useful to others too. I mean, if you have this "Error: The firewall rules management has not been enabled" when saving the firewall rules in Plesk.

First of all, the log did not contain anything useful despite being very detailed and long, it wasn't worth enabling it.

I then removed the Plesk firewall extension and reinstalled it, hoping it would solve it; it wasn't the case, but this time the displayed error message was a bit more verbose and gave me the clue. My rules were inconsistent and caused the extension to reject the whole. After I found the culprit rule and fixed it everything was saved nominally.

Bottom line: if you are in the same case remove and reinsert each rule in turn till you find the one preventing the module to save them.

P.S. Be careful: if you remove the Plesk extension and reinstall it all the rules are gone, you have to start from scratch, thus better remember/note what you had before you reinstall.

Franco
 
Back
Top