Resolved Web Application Firewall Security Rules Not Deactivating

[FizzyDev]

I have detected a WAF rule blocking activity.

[client ******] ModSecurity: [file "/etc/httpd/conf/modsecurity.d/rules/tortix/modsec/50_plesk_basic_asl_rules.conf"] [line "2242"] [id "33340748"] [rev "2"] [msg "Protected by Atomicorp.com Basic Non-Realtime WAF Rules: Generic Path Recursion denied"] [severity "CRITICAL"] Access denied with code 403 (phase 2).

I have appended 33340748 to the Switch off security Rules:

Security rules ID shows
33350147
33340147
33340748

I'm assuming it's one entry per row, rather than comma seperated.

Having done this, the activity is still being blocked.

 

[FISHeR]

Hi, FizzyDev

There are some useful articles that can help in solving your problem:

Cannot disable ModSecurity rules via Switch off security rules in Plesk
How to disable a single ModSecurity rule for a website in Plesk

 

[FizzyDev]

Thank you for the links.

I followed the instructions on "Cannot disable ModSecurity rules via Switch off security rules in Plesk" a few days ago and it would not accept the
<IfModule mod_security2.c>.......</IfModule> code. It kept throwing and error saying the rule needed an action.

I've revisted the issue today and pasted in the same code and today it's taken it and solved the problem.