- Plesk Onyx for Linux
Comodo rule-set does not work. One of the following errors can be found in
CONFIG_TEXT: Message: collection_store: Failed to write to DBM file "/var/cache/modsecurity/ip": Invalid argument
CONFIG_TEXT: Message: collection_store: Failed to access DBM file "/var/cache/modsecurity/ip": No such file or directory
Server performance is slow. Memory usage is very high.
/var/cache/modsecurity/ip.paghas a large size (several GBs).
Apache has stopped working. The following error can be found on Plesk homepage:
PLESK_ERROR: Unable to generate the web server configuration file on the host <example.com> because of the following errors:
Template_Exception: Can not restart web server: httpd stop failed
27 /usr/sbin/apache2 processes are killed
The issue is with BruteForce rule-set on a Comodo side.
Connect to the Plesk server via SSH.
Update Comodo rule-set to the latest version (the issue is resolved in 1.142):
# /usr/local/psa/bin/sw-engine-pleskrun /usr/local/psa/admin/plib/DailyMaintainance/script.php -f UpdateModSecurityRuleSet
Make sure that the version of Comodo rule-set is 1.142 or greater:
for CentOS/RHEL-based distributions:
# cat /etc/httpd/conf/modsecurity.d/rules/comodo/rules.dat
for Debian/Ubuntu-based distributions:
# cat /etc/apache2/modsecurity.d/rules/comodo/rules.dat
If the update does not help, apply one of the following workarounds:
Switch ModSecurity off and on at Tools & Settings > Web Application Firewall (ModSecurity) .
- Use the utility
modsec-sdbm-utilwith the key
-kto remove expired elements from
The information regarding this utility can be found here.
Reduce SecCollectionTimeout to 600 sec (the default value is 1 hour). This option specifies the time-out after which old records in IP collection storage are deleted. It will prevent the growth of the file
In Plesk, go to Tools & Settings > Web Application Firewall (ModSecurity) > Settings > and specify following value in Custom directives:
Create the directory
/var/cache/modsecurity/if it does not exist. Set the following permissions on it:
# ls -ld /var/cache/modsecurity/
drwxr-xr-x 2 apache root 4096 Jun 29 18:37 /var/cache/modsecurity/
If the file
ip.pagis present in
/var/cache/modsecurity/and has large size, clear it:
Switch off ModSecurity at Tools & Settings > Web Application Firewall (ModSecurity).
Run the following command to clear the file:
# echo "" >
Switch on ModSecurity.
In Plesk go to Tools & Settings > Web Application Firewall (ModSecurity) .
Move Bruteforce from the list of active rules to deactivated.
Apply the changes.