• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion

Resolved Web Application Firewall Security Rules Not Deactivating

F

FizzyDev

New Pleskian
I have detected a WAF rule blocking activity.

[client ******] ModSecurity: [file "/etc/httpd/conf/modsecurity.d/rules/tortix/modsec/50_plesk_basic_asl_rules.conf"] [line "2242"] [id "33340748"] [rev "2"] [msg "Protected by Atomicorp.com Basic Non-Realtime WAF Rules: Generic Path Recursion denied"] [severity "CRITICAL"] Access denied with code 403 (phase 2).

I have appended 33340748 to the Switch off security Rules:

Security rules ID shows
33350147
33340147
33340748

I'm assuming it's one entry per row, rather than comma seperated.

Having done this, the activity is still being blocked.
 
Thank you for the links.

I followed the instructions on "Cannot disable ModSecurity rules via Switch off security rules in Plesk" a few days ago and it would not accept the
<IfModule mod_security2.c>.......</IfModule> code. It kept throwing and error saying the rule needed an action.

I've revisted the issue today and pasted in the same code and today it's taken it and solved the problem.
 
You must log in or register to reply here.

Similar threads

R
Issue Problem with web application firewall - file extension is restricted by policy
Replies
3
Views
445
Linulex
Linulex
U
Issue Error message ID 19494#0, 5467#0 and ModSecurity
Replies
3
Views
2K
Peter Debik
P
Azurel
Issue Is it possible to add query-string in error_log (ModSecurity)?
Replies
1
Views
876
IgorG
IgorG
F
Issue Apache Error 403 Make Server Crash (AND BURN!)
Replies
3
Views
2K
Hex
Hex
J
Issue ModSecurity: returns default Apache test page - not 403
Replies
1
Views
4K
John S.
J
Back
Top