- Plesk Obsidian for Linux
All disabled ModSecurity rules except
222212are removed every day.
Comodo ruleset is selected for ModSecurity (Tools & Settings > Web Application Firewall (ModSecurity) > Settings).
- Ubuntu 18.04 is used on the server.
Bug with ID PPPM-12290 that will be fixed in one of the future Plesk updates.
As a workaround, create a Scheduled task that will automatically add the missing rule to be switched off (for example,
214540) after the
50plesk-daily script is executed:
Connect to the server via SSH.
Find out when
/etc/cron.daily/50plesk-dailyscript is executed on the server by running the following command:
# cat /etc/crontab
In the output, the following line will be shown:
CONFIG_TEXT: 11 0 * * * root test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.daily )
In this example, script
50plesk-dailyis executed at 0:11 daily.
Note: Crontab format can be checked here.
Go to Tools & Settings > Scheduled Tasks (Cron jobs) and click Add task.
Set the following parameters:
Warning: Change the 214540 in the command to the rule ID that should be switched off
Task type: run a command
CONFIG_TEXT: echo "UPDATE WebServerSettingsParameters SET value=\"210710\\n222212\\n214540\" where name=\"filterById\";" | MYSQL_PWD=`cat /etc/psa/.psa.shadow` mysql -uadmin psa; /usr/sbin/plesk bin server_pref --update-web-app-firewall
Run: Daily, and enter the time when
/etc/cron.daily/50plesk-dailyis executed (see step 2) +20 minutes
System user: root
Notify: Do not notify.
Click OK to save the task.
Verify that the task appeared under Tools & Settings > Scheduled Task.