How to disable a single ModSecurity rule for a website in Plesk

Question

How to disable a single ModSecurity rule for a domain?

Answer

Note: Not all rules can be disabled due to the MODSEC-274 bug in ModSecurity.

Via ModSecurity settings

1. In Plesk, go to Domains > example.com > Web Application Firewall (Fail2Ban).

2. In the Switch off security rules section, specify rule IDs (for example, 340003), tags (for example, CVE-2011-4898), or a regular expression (for example, XSS) used in the rules that need to be switched off, and click OK.

   Note: Make sure that the web application firewall mode is set to On or Detection only.

Via additional Apache directives

1. In Plesk, go to Domains > example.com > Apache & nginx Settings.

2. Create a custom Apache directive and put it into the Additional directives for HTTP/HTTPS fields. In the following example, rules with IDs 340162 and 340163 will be disabled:

   Note: It is possible to specify more than one RuleID. Simply add another line with RuleID on a new line.

   CONFIG_TEXT: <IfModule mod_security2.c>
   SecRuleRemoveById 340162
   SecRuleRemoveById 340163
   </IfModule>

   OR

   CONFIG_TEXT: <IfModule mod_security2.c>
   SecRuleRemoveById 340162 340163
   </IfModule>