- Plesk for Linux
- Plesk for Windows
The Log In button for WordPress, Typo3 or other CMS in Plesk is not working: it redirects to application login page with empty credentials fields.
Login to PHP application using POST request fails without any error messages.
Login mechanism is breaking by ModSecurity Tradeoff/Thorough modes, enabled in Plesk > Tools & Settings > Web Application Firewall > Settings. These modes include analysis of POST data that lead to changing sending packets.
Log into Plesk and apply one of the following solutions:
Switch ModSecurity mode to Fast on Plesk > Tools & Settings > Web Application Firewall (ModSecurity) > Settings: this mode does not include analysis of POST data.
Disable ModSecurity for a domain via Plesk > Domains > example.com > Web Application Firewall.
Forbid ModSecurity to access request bodies (Windows Server only):
Connect to the server via RDP.
Open the file
C:\Program Files\ModSecurity IIS\modsecurity.confin a text editor and set the SecRequestBodyAccess setting to the Off value:
CONFIG_TEXT: SecRequestBodyAccess Off
Restart IIS webserver via a command prompt: