All websites on Plesk server periodically unavailable after accessing WordPress comments or working in WordPress dashboard

Symptoms

• All websites on Plesk server periodically unavailable after accessing WordPress comments or working in WordPress dashboard

• Comodo ruleset is enabled in ModSecurity at Tools & Settings > Web Application Firewall (Modsecurity): 
  
  

• ‘plesk-modsecurity’ jail is enabled at Tools & Settings > IP Address Banning (Fail2Ban) > Jails:
  
  

Cause

IP address banned by fail2ban triggered by ModSecurity rule match alert.

At Tools & Settings > Web Application Firewall (Modsecurity) > ModSecurity Log File the following message appeared:

Message: Warning. String match "get" at REQUEST_METHOD. [file "/etc/httpd/conf/modsecurity.d/rules/comodo_free/27_Apps_WPPlugin.conf"] [line "4595"] [id "222212"] [rev "2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WPPlugin"]

Resolution

Solution 1. Log into Plesk and switch ModSecurity ruleset to Atomic Standard in Plesk > Tools & Settings > Web Application Firewall (ModSecurity) > Settings:

Solution 2. Disable the ModSecurity rule with id 222212 using instruction from: How to disable specific ModSecurity rules in Plesk