
Issue: Lots of ongoing issues with the default Comodo ModSecurity ruleset

Bitpalast

Plesk addicted!
Plesk Guru
It's not a bug, but it's a bit annoying: On Obsidian no day passes on which we don't get a call or support ticket from a customer who is blocked by fail2ban because his website offended some Comodo basic ModSecurity rule. We have seen it on WordPress websites frequently when customers simply use the WordPress editor, we've also seen it in shop systems. We have also seen it in Nextcloud installations.

It is always these two rules:
210710
214930
and sometimes a third, that may vary.

So basically one can say: If these are not added to the exception list of the "Web Application Firewall" icon, most customers will sooner or later run into problems with accessing their sites, because they will be blocked by fail2ban responding to ModSecurity 403 blocks in the webserver log files. It might be a good idea for Plesk staff to check into these rules and consider disabling them by default. It's not feasible to have rules in place that frequently act against their own website operators.

The same issues are not occurring with the Atomic basic rule set on Onyx systems.
 
This seems to be a bigger issue than what we originally thought. We are now also seeing it on other software, for example Shopware. It's always rules 210710 and 214930.
 
We are facing the exact same issues with the two rules 210710 and 214930 on a new Plesk server. Many legitimate requests are being blocked. We just updated a couple of days ago from an older Plesk version where ModSecurity was not enabled.
 
Now reported in
because it's just too many support cases and trouble for customers.
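
To confirm which rule IDs are behind the 403 blocks before adding them to the exception list, the denials can be tallied per rule, client and URL. This is an added example, not code from the thread or from Plesk; it assumes ModSecurity 2.x "Access denied" lines in the Apache error log, and every log line, host, IP and the rule ID 999999 below is constructed (only 210710 and 214930 come from the thread).

```python
import re
from collections import defaultdict

# Constructed sample lines in the ModSecurity 2.x Apache error-log layout.
# Hosts, IPs, URIs and rule 999999 are made up for this example.
SAMPLE_LOG = [
    '[Mon Mar 02 10:15:01.1 2020] [:error] [pid 42] [client 203.0.113.7:50122] [client 203.0.113.7] ModSecurity: Access denied with code 403 (phase 2). [id "210710"] [msg "constructed"] [hostname "shop.example.com"] [uri "/wp-admin/post.php"]',
    '[Mon Mar 02 10:15:09.4 2020] [:error] [pid 42] [client 203.0.113.7:50130] [client 203.0.113.7] ModSecurity: Access denied with code 403 (phase 2). [id "214930"] [msg "constructed"] [hostname "shop.example.com"] [uri "/wp-admin/post.php"]',
    '[Mon Mar 02 10:16:30.0 2020] [:error] [pid 43] [client 198.51.100.23:61000] [client 198.51.100.23] ModSecurity: Access denied with code 403 (phase 2). [id "210710"] [msg "constructed"] [hostname "cloud.example.org"] [uri "/index.php/apps/files"]',
    '[Mon Mar 02 10:16:31.2 2020] [:error] [pid 43] [client 198.51.100.23:61001] [client 198.51.100.23] ModSecurity: Access denied with code 403 (phase 2). [id "214930"] [msg "constructed"] [hostname "cloud.example.org"] [uri "/index.php/apps/files"]',
    '[Mon Mar 02 10:18:00.0 2020] [:error] [pid 44] [client 192.0.2.50:41000] ModSecurity: Access denied with code 403 (phase 2). [id "999999"] [msg "constructed"] [hostname "shop.example.com"] [uri "/search"]',
    '[Mon Mar 02 10:20:00.0 2020] [core:error] [pid 45] [client 192.0.2.9:40000] File does not exist: /var/www/constructed',
]

DENIED = re.compile(r'\[client ([^\]]+)\] ModSecurity: Access denied with code 403')
FIELD = re.compile(r'\[(id|hostname|uri) "([^"]*)"\]')
IPV4_PORT = re.compile(r'^(\d+\.\d+\.\d+\.\d+):\d+$')

def summarize_blocks(lines):
    """Map rule id -> hits, distinct client IPs and (hostname, uri) targets."""
    stats = defaultdict(lambda: {"hits": 0, "clients": set(), "targets": set()})
    for line in lines:
        m = DENIED.search(line)
        if not m:
            continue  # not a ModSecurity 403 denial
        fields = dict(FIELD.findall(line))
        if "id" not in fields:
            continue  # denial without a rule id, nothing to attribute
        entry = stats[fields["id"]]
        entry["hits"] += 1
        entry["clients"].add(IPV4_PORT.sub(r"\1", m.group(1)))  # drop :port
        entry["targets"].add((fields.get("hostname", "?"), fields.get("uri", "?")))
    return dict(stats)

def exception_candidates(stats, min_clients=2):
    """Rule ids that blocked at least min_clients distinct clients (review first)."""
    return sorted(r for r, s in stats.items() if len(s["clients"]) >= min_clients)

if __name__ == "__main__":
    stats = summarize_blocks(SAMPLE_LOG)
    for rule_id in sorted(stats, key=lambda r: -stats[r]["hits"]):
        s = stats[rule_id]
        print(rule_id, s["hits"], "hits,", len(s["clients"]), "clients")
        for host, uri in sorted(s["targets"]):
            print("   ", host, uri)
```

A rule that shows up for several unrelated clients on ordinary editor or backend URLs is a likely false positive; a rule hit by a single client on an unusual URL deserves a look at the request before it is excluded.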
 