Applicable to:
- Plesk for Linux
- Plesk for Windows
Question
How to disable specific ModSecurity rules for a domain or server-wide?
Answer
Note: Not all rules can be disabled due to the MODSEC-274 bug in ModSecurity.
Via ModSecurity settings
- Go to Domains > example.com > Web Application Firewall (ModSecurity).
Note: The Switch off security rules section is visible only when the Web Application Firewall (ModSecurity) mode is set to On or Detection only.
Via additional Apache directives (Linux only)
Note: This solution is intended for Plesk administrators only.
- Go to Domains > example.com > Hosting & DNS > Apache & nginx.
- Create a custom Apache directive and put it into the Additional directives for HTTP and Additional directives for HTTPS fields. In the following examples, rules with IDs 340162 and 340163 will be disabled:
Note: It is possible to specify more than one rule ID by using either of the following examples:
<IfModule mod_security2.c>
SecRuleRemoveById 340162
SecRuleRemoveById 340163
</IfModule>

OR

<IfModule mod_security2.c>
SecRuleRemoveById 340162 340163
</IfModule>
- Go to Tools & Settings > Web Application Firewall (ModSecurity).
Note: The Switch off security rules section is visible only when the Web Application Firewall (ModSecurity) mode is set to On or Detection only.
- In the Switch off security rules section of the page, you may switch off rules as follows:
  - By rule IDs. Add the IDs from the error message to the Security rule IDs field and apply the changes.
    Note: If there are several rule IDs, put each on a new line.
  - By rule tags. Move the rule tags from the error message from Active to Deactivated and apply the changes.
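Added example (not part of the original article and not Plesk tooling): a Python sketch that collects the rule IDs logged for one domain, together with the URIs that triggered them, and renders the SecRuleRemoveById block shown above so that only rules seen in the log for that domain are switched off. It assumes the ModSecurity 2.x Apache error-log layout with [id "..."], [hostname "..."] and [uri "..."] fields; the sample lines are constructed and the function names are hypothetical.

```python
import re
from collections import defaultdict

# Constructed sample in the ModSecurity 2.x Apache error-log layout; client
# addresses, file path, messages and rule 340999 are placeholders.
SAMPLE_LOG = "\n".join([
    '[Tue Jan 02 10:00:01 2024] [:error] [pid 101] [client 192.0.2.10] ModSecurity: Access denied with code 403 (phase 2). [file "/path/to/rules.conf"] [line "10"] [id "340162"] [msg "constructed A"] [hostname "example.com"] [uri "/index.php"]',
    '[Tue Jan 02 10:00:05 2024] [:error] [pid 101] [client 192.0.2.10] ModSecurity: Access denied with code 403 (phase 2). [file "/path/to/rules.conf"] [line "22"] [id "340163"] [msg "constructed B"] [hostname "example.com"] [uri "/admin/save.php"]',
    '[Tue Jan 02 10:01:00 2024] [:error] [pid 102] [client 192.0.2.11] ModSecurity: Access denied with code 403 (phase 2). [file "/path/to/rules.conf"] [line "10"] [id "340162"] [msg "constructed A"] [hostname "example.com"] [uri "/search.php"]',
    '[Tue Jan 02 10:02:00 2024] [:error] [pid 103] [client 192.0.2.12] ModSecurity: Access denied with code 403 (phase 2). [file "/path/to/rules.conf"] [line "31"] [id "340999"] [msg "constructed C"] [hostname "other.example"] [uri "/index.php"]',
    '[Tue Jan 02 10:03:00 2024] [:error] [pid 104] [client 192.0.2.13] File does not exist: /path/to/favicon.ico',
])

FIELD_RE = re.compile(r'\[(id|hostname|uri) "([^"]*)"\]')

def rule_hits(log_text, hostname):
    """Map rule ID -> sorted URIs that triggered it for one hostname."""
    hits = defaultdict(set)
    for line in log_text.splitlines():
        if "ModSecurity:" not in line:
            continue
        fields = dict(FIELD_RE.findall(line))
        rule_id = fields.get("id", "")
        # Log lines carry request data, so only purely numeric IDs may
        # reach the generated configuration.
        if fields.get("hostname") == hostname and re.fullmatch(r"[0-9]+", rule_id):
            hits[rule_id].add(fields.get("uri", "?"))
    return {rid: sorted(uris) for rid, uris in hits.items()}

def removal_block(rule_ids):
    """Render the article's one-directive-per-ID form for the given IDs."""
    ids = sorted(set(rule_ids), key=int)
    if not ids:
        return ""
    body = "\n".join(f"SecRuleRemoveById {rid}" for rid in ids)
    return f"<IfModule mod_security2.c>\n{body}\n</IfModule>"

if __name__ == "__main__":
    hits = rule_hits(SAMPLE_LOG, "example.com")
    for rid, uris in sorted(hits.items(), key=lambda kv: int(kv[0])):
        print(f"# rule {rid} triggered by: {', '.join(uris)}")
    print(removal_block(hits))
```

The per-rule URI list shows whether a rule fires across the whole site or only under one path, which is the information needed to choose between a domain-wide directive and a narrower scope.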
Comments
1 comment
Hi,
Ok thx.
If you want to disable a rule for a specific folder, use this:
<IfModule mod_security2.c>
# General rules
SecResponseBodyLimit 536870912
SecRuleRemoveById 999777
# A comment
<Directory /var/www/vhosts/domain.tld/httpdocs/yourfolder>
SecRuleRemoveById 999888
</Directory>
</IfModule>
Replace domain.tld and yourfolder with the correct information for you ...