Unable to issue Let's Encrypt Certificate: During secondary validation: Invalid response. <title>Captcha</title>

Symptoms

• Unable to issue Let's Encrypt Certificate:

  CONFIG_TEXT: Detail: During secondary validation: Invalid response from http://example.com/.well-known/acme-challenge/1tKjieKSvO82nyBBUrPyarSdIOmEfFui3DZ9CaxTaPc [203.0.113.2]: "<!DOCTYPE html>\n<html lang=\"en\">\n<head>\n <meta charset=\"UTF-8\">\n <title>Captcha</title>\n <link rel=\"stylesheet\"\n "

• The error reports some "<title>Captcha</title>" response, however browser and CURL returns the correct file.

• During the certificate request, there is only one HTTP GET request from Let's Encrypt validation server that reaches the server and appears in logs (should be two or three similar requests in a row) /var/www/vhosts/system/example.com/logs/proxy_access_ssl_log

  CONFIG_TEXT: 203.0.113.3 - - [26/Jun/2020:13:15:50 +0700] "GET /.well-known/acme-challenge/E40340TLEpSAoZMvV9dyQCuAetVxXilQ8k_tzb0VONw HTTP/1.1" 200 87 "-" "Mozilla/5.0 (compatible; Let's Encrypt validation server; +https://www.letsencrypt.org)"

• Imunify360 is installed on the server

Cause

This issue is caused by an Imunify 360 firewall rule (IM360) which fixed in version 3.18 of the ruleset.

Resolution

1. Log in to Plesk through SSH as root user

2. Execute:

   # imunify360-agent update --force modsec-rules