- Plesk Onyx for Linux
Under Plesk > Tools & Settings > Web Application Firewall(ModSecurity) OWASP ruleset is selected and after that Imunify360 ModSecurity ruleset is installed
Reverting to Atomic Ruleset fails with an error:
PLESK_ERROR: Failed to install the ModSecurity rule set: httpd: Syntax error on line 353 of /etc/httpd/conf/httpd.conf: Syntax error on line 5 of /etc/httpd/conf.d/security2.conf: Syntax error on line 6 of /etc/httpd/conf/modsecurity.d/zz_rules.conf: Could not open config directory /etc/httpd/conf/modsecurity.d/rules/owasp_modsecurity_crs_3-plesk: No such file or directory
There are some missing files in
plesk-modsecurity-crspackage required by OWASP ruleset:
CONFIG_TEXT: # rpm -qV plesk-modsecurity-crs
Installation of imunify360 ruleset breaks OWASP rule set if OWASP ruleset was previously enabled.
This is a bug with internal id #PPPM-10179 which will be fixed in future product updates.
Subscribe to this article to be notified when a fix for this bug is released.
These are possible workarounds:
Connect to the server via SSH
CONFIG_TEXT: # yum reinstall plesk-modsecurity-crs
- Log in to Plesk
- Uninstall ModSecurity by navigating to Updates and Upgrades > add/remove components > Web Hosting and select ModSecurity, click Continue.
- Install ModSecurity again by navigating to Updates and Upgrades > add/remove components > Web Hosting and select ModSecurity, click Continue.
Now you can enable OWASP ModSecurity ruleset.