• Introducing WebPros Cloud - a fully managed infrastructure platform purpose-built to simplify the deployment of WebPros products !  WebPros Cloud enables you to easily deliver WebPros solutions — without the complexity of managing the infrastructure.
    Join the pilot program today!
  • Support for BIND DNS has been removed from Plesk for Windows due to security and maintenance risks.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS.

Resolved Web Application Firewall Security Rules Not Deactivating

FizzyDev

New Pleskian
I have detected a WAF rule blocking activity.

[client ******] ModSecurity: [file "/etc/httpd/conf/modsecurity.d/rules/tortix/modsec/50_plesk_basic_asl_rules.conf"] [line "2242"] [id "33340748"] [rev "2"] [msg "Protected by Atomicorp.com Basic Non-Realtime WAF Rules: Generic Path Recursion denied"] [severity "CRITICAL"] Access denied with code 403 (phase 2).

I have appended 33340748 to the Switch off security Rules:

Security rules ID shows
33350147
33340147
33340748

I'm assuming it's one entry per row, rather than comma seperated.

Having done this, the activity is still being blocked.
 
Thank you for the links.

I followed the instructions on "Cannot disable ModSecurity rules via Switch off security rules in Plesk" a few days ago and it would not accept the
<IfModule mod_security2.c>.......</IfModule> code. It kept throwing and error saying the rule needed an action.

I've revisted the issue today and pasted in the same code and today it's taken it and solved the problem.
 
Back
Top