- Plesk 12.5 for Linux
Note: This article has the reference to the issue with the fix available:
- #PPPM-4162 "Support issue #PPPM-4162"
- Plesk Onyx 17.8 Release 17 April 2018
Cannot upload custom rules set file at Plesk > Tools & Settings > Web Application Firewall > Change Rule Set > Custom rule set. The following error occurs:
PLESK_ERROR: Failed to install the ModSecurity rule set: httpd: Syntax error on line 353 of /etc/httpd/conf/httpd.conf: Syntax error on line 5 of /etc/httpd/conf.d/security2.conf: Syntax error on line 6 of /etc/httpd/conf/modsecurity.d/zz_rules.conf: No matches for the wildcard '*.conf' in '/etc/httpd/conf/modsecurity.d/rules/custom', failing (use IncludeOptional if required)
Enabling custom rulesets using .conf format with command line like the one below fails. However it works, if .conf ruleset files added to archive:
# plesk bin server_pref --update-web-app-firewall -waf-rule-engine on -waf-rule-set custom -waf-archive-path custom_rule.conf
This is Plesk bug #PPPM-4162, which is planned to be fixed in future Plesk updates.
As a workaround, enable custom ruleset packed as archive using steps below
- Connect to the server using SSH.
- Apply the custom rule set as archive:
# plesk bin server_pref --update-web-app-firewall -waf-rule-engine on -waf-rule-set custom -waf-archive-path /root/custom_rule_set.conf.tgz
Note: Path to the archive depends on it's location.
Note: The file
custom_rule_set.conf.tgz should contain only .conf files for usage on ModSecurity custom ruleset.