Applicable to:
- Plesk 12.5 for Linux
- Plesk Onyx for Linux
Question
How to disable a single ModSecurity rule by its ID for a particular domain?
Answer
Note: Keep in mind the following article though (not all rules can be disabled in the following manner because of MODSEC-274).
The easiest way to do it is via Plesk Interface through Web Application Firewall tab.
For that:
- Log into Plesk.
- Go to Domains > example.com > Web Application Firewall.
- Specify the rule IDs (for example,
340003), tags (for example, CVE-2011-4898), or a regular expression (for example,XSS) used in the rules that need to be switched off, and click OK.Note: Make sure that Web application firewall mode is set to Detection only or On.
Alternatively, it is possible to use Additional Apache Directives as described above:
- Log into Plesk.
- Create a custom Apache directive under Domains > example.com > Apache & nginx Settings > Additional Apache directives section:
Note: it is possible to specify more than one RuleID. Simply add another line, like the following:
CONFIG_TEXT: <IfModule mod_security2.c>
SecRuleRemoveById 340162
SecRuleRemoveById 340163
</IfModule>OR
CONFIG_TEXT: <IfModule mod_security2.c>
SecRuleRemoveById 340162 340163
</IfModule>
In the example above rules with IDs 340162 and 340163 are disabled for domain example.com.
Additional Information
Note: The information on the links below describe how it worked in older versions of Plesk. This is additional information and there is no need to Apply it on Plesk newer then 11.x.
Mod security - Atomicorp Wiki: Creating custom rules
Mod security - Atomicorp Wiki: Disabling Mod_security per domain
Comments
0 comments
Please sign in to leave a comment.