Knowledge Base

All websites on Plesk server periodically unavailable after accessing WordPress comments or working in WordPress dashboard

Symptoms

All websites on Plesk server periodically unavailable after accessing WordPress comments or working in WordPress dashboard
Comodo ruleset is enabled in ModSecurity at Tools & Settings > Web Application Firewall (Modsecurity):
'plesk-modsecurity' jail is enabled at **Tools & Settings > IP Address Banning (Fail2Ban) > Jails:
At Tools & Settings > Web Application Firewall (Modsecurity) > ModSecurity Log File the following message appeared:

Message: Warning. String match "get" at REQUEST_METHOD. [file "/etc/httpd/conf/modsecurity.d/rules/comodo_free/27_Apps_WPPlugin.conf"] [line "4595"] [id "222212"] [rev "2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WPPlugin"]

Cause

IP address banned by fail2ban triggered by ModSecurity rule match alert.

Resolution

Solution 1

Log into Plesk and,
Switch ModSecurity ruleset to Atomic Standard in Tools & Settings > Web Application Firewall (ModSecurity) > Settings:

Solution 2

Disable the ModSecurity rule with id 222212 (4th symptom) using instruction from: How to disable specific ModSecurity rules in Plesk

Related Posts

WordPress Firewall – Why Do You Need One?

Using Fail2ban to Secure Your Server

Wordfence vs Sucuri – WordPress Security Plugins Comparison

Knowledge Base

WordPress websites on a Plesk server show “404 Not Found” when PHP-FPM by Nginx and Proxy Mode are used

Manual WordPress installation on Plesk server fails with Error 403

How to install WordPress with custom settings on Plesk server?

How to install Cgroups Manager extension on Plesk server?

Hosting Wiki