• We value your experience with Plesk during 2024
    Plesk strives to perform even better in 2025. To help us improve further, please answer a few questions about your experience with Plesk Obsidian 2024.
    Please take this short survey:

    https://pt-research.typeform.com/to/AmZvSXkx
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.

Resolved ModSecurity configuration files and directives remain on the server after its removal

Kulturmensch

Regular Pleskian
Server operating system version
Ubuntu 22.04.5 LTS
Plesk version and microupdate number
Plesk Obsidian v18.0.64_build1800240913.11 os_Ubuntu 22.04
After some problems with Modsecurity I removed it using Plesk installer (web interface). This seemed to work and now it is indicated as removed

1726818461663.png

However in /etc/nginx/conf.d/ modsecurity.conf still exists with the following content:
#ATTENTION!
#
#DO NOT MODIFY THIS FILE BECAUSE IT WAS GENERATED AUTOMATICALLY,
#SO ALL YOUR CHANGES WILL BE LOST THE NEXT TIME THE FILE IS GENERATED.
modsecurity on;
modsecurity_rules_file /etc/nginx/modsecurity.d/main.conf;

So it says Modsecurity is on and receives the configuration by .../main.conf what also exists in /etc/nginx/modsecurity.d/ Here you find the files:

1726818544261.png

Looking in the nginx protocolls I find the error "2024/09/19 18:39:48 [notice] 648077#0: ModSecurity-nginx v1.0.3 (rules loaded inline/local/remote: 0/2399/0)"

So, I suppose installing and removing modsecurity by plesk installer leave rests in the nginx configuration. Is this wanted or an issue?
However, is it safe to simply remove the modsecurity files/directories in the nginx configuration to get rid of the errors?
 
@Kulturmensch, our team confirmed the behavior as a bug with ID PPPM-14616. A fix will be introduced in one of the upcoming releases. I cannot provide any ETA for the time being.

In the meantime, there shouldn't be a problem to manually remove /etc/nginx/conf.d/modsecurity.conf and the entire /etc/nginx/modsecurity.d/ directory. If ModSecurity is installed again, they will be recreated.

Thank you once again for bringing the issue to our attention.
 
Thank you for checking this issue. I removed the modsecurity rests and found also modsecurity-files in each /var/www/vhosts/sytems/xxx.domain.tld/conf/
Just to complete the information. I removed all files with an impact to nginx and it works. Now the error has gone.
 
I just started to give modsecurity a second try but got this after re-installed it with plesk-installer:
modsecurity_ctl failed: START nginx_modules_ctl --no-restart --enable modsecuritynginx: [emerg] unknown directive "modsecurity" in /etc/nginx/conf.d/modsecurity.conf:5nginx: configuration file /etc/nginx/nginx.conf test failedNginx configuration after enable of 'modsecurity' is in invalid state, rollback the changeDer aktuelle ModSecurity Regelsatz kann nicht verwendet werden und die vorherige Version kann nicht wiederhergestellt werden, da beide ungültige Regeln enthalten.
Any idea how to get it work?
 
I am unable to find any similar cases and unfortunately, not quite sure what is causing the issue. If you have the option, please open a support ticket so our team could log into the server and check what might be triggering the error.
 
Back
Top