Issue ModSecurity configuration files and directives remain on the server after its removal

[Kulturmensch]

Server operating system version

Ubuntu 22.04.5 LTS

Plesk version and microupdate number

Plesk Obsidian v18.0.64_build1800240913.11 os_Ubuntu 22.04

After some problems with Modsecurity I removed it using Plesk installer (web interface). This seemed to work and now it is indicated as removed



However in /etc/nginx/conf.d/ modsecurity.conf still exists with the following content:

#ATTENTION!
#
#DO NOT MODIFY THIS FILE BECAUSE IT WAS GENERATED AUTOMATICALLY,
#SO ALL YOUR CHANGES WILL BE LOST THE NEXT TIME THE FILE IS GENERATED.
modsecurity on;
modsecurity_rules_file /etc/nginx/modsecurity.d/main.conf;

So it says Modsecurity is on and receives the configuration by .../main.conf what also exists in /etc/nginx/modsecurity.d/ Here you find the files:



Looking in the nginx protocolls I find the error "2024/09/19 18:39:48 [notice] 648077#0: ModSecurity-nginx v1.0.3 (rules loaded inline/local/remote: 0/2399/0)"

So, I suppose installing and removing modsecurity by plesk installer leave rests in the nginx configuration. Is this wanted or an issue?
However, is it safe to simply remove the modsecurity files/directories in the nginx configuration to get rid of the errors?

 

[Sebahat.hadzhi]

Thank you for the report. I was able to reproduce the issue. I am consulting with our team and I will update you shortly.

 

[Sebahat.hadzhi]

@Kulturmensch, our team confirmed the behavior as a bug with ID PPPM-14616. A fix will be introduced in one of the upcoming releases. I cannot provide any ETA for the time being.

In the meantime, there shouldn't be a problem to manually remove /etc/nginx/conf.d/modsecurity.conf and the entire /etc/nginx/modsecurity.d/ directory. If ModSecurity is installed again, they will be recreated.

Thank you once again for bringing the issue to our attention.