- Plesk for Linux
- Plesk for Windows
ModSecurity is installed and enabled at Tools & Settings > Web Application Firewall (ModSecurity) > On.
A website is unavailable or it is not possible to perform operations on this website, for example, edit posts in WordPress, add products to shopping cart, etc:
PLESK_INFO: 403 Forbidden
PLESK_INFO: 500 Internal Server Error
WordPress Customization page is not displayed properly at WordPress Admin Dashboard > Customize.
Along with the error in a web-browser, a ModSecurity error message like below appears on the Logs page in Plesk at Domains > example.com > Logs:
CONFIG_TEXT: ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/apache2/modsecurity.d/rules/owasp_modsecurity_crs_3-plesk/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "57"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "example.com"] [uri "/robots.txt"] [unique_id "XPsROH8AAQEAABEiZFcAAABC"]
Strict ModSecurity rule-sets (for example, OWASP or Comodo) may block some operations on the website (such as file sharing, webmail, and some web applications, including WordPress and its plugins).
Go to Domains > example.com > Web Application Firewall.
Specify the rule IDs from the error message on the Logs page and click OK.