Skip to content
  • Solutions
    By Role
    • For Developers
    • For Content Managers
    • For Agencies
    • For IT Admins
    • For Web Hosters
    • For Developers
    • For Content Managers
    • For Agencies
    • For IT Admins
    • For Web Hosters
    By Infrastructure
    • Overview
    • AWS
    • Microsoft Azure
    • Alibaba Cloud
    • Google Cloud Platform
    • Vultr
    • Overview
    • AWS
    • Microsoft Azure
    • Alibaba Cloud
    • Google Cloud Platform
    • Vultr
    • Digital Ocean
    • Linode
    • Upcloud
    • Oracle
    • OVH
    • Digital Ocean
    • Linode
    • Upcloud
    • Oracle
    • OVH
  • Product
    • Plesk Features
    • Plesk Editions
    • What’s new
    • Pricing
    • Roadmap
    • Lifecycle Policy
    • Extensions Catalogue
  • Pricing
  • Extensions
    Featured Extensions
    • SocialBee
    • WP Toolkit
    • Sitejet Builder for Plesk
    • SEO Toolkit
    • Joomla! Toolkit
    • Premium Email
    • Email Security
    • SocialBee
    • WP Toolkit
    • Sitejet Builder for Plesk
    • SEO Toolkit
    • Joomla! Toolkit
    • Premium Email
    • Email Security
    Bundles and packs:
    • Business and Collaboration Edition
    • WP pack
    • Hosting pack
    • Power pack
    • Language pack
    • Business and Collaboration Edition
    • WP pack
    • Hosting pack
    • Power pack
    • Language pack

    See all Extensions

  • For Partners
    • Plesk Contributor Program
    • Plesk Partner Program
    • Affiliate program
    • Plesk University
  • Help Center
    • Documentation
    • Professional Services
    • Support
    • Contact Us
    • Wiki
    • Forum
  • Plesk 360 login
  • Free Trial
  • Pricing
  • Solutions
    • By Role
      • For Developers
      • For Content Managers
      • For Agencies
      • For IT Admins
      • For Web Hosters
    • By Infrastructure
      • Overview
      • Plesk on Amazon Web Services (AWS & Lightsail)
      • Microsoft Azure
      • Alibaba Cloud
      • Google Cloud Platform
      • Vultr
      • DigitalOcean
      • Linode
      • UpCloud
      • Oracle
      • OVH
  • Products
  • Pricing
  • Extensions
    • Featured Extensions
      • SocialBee
      • WP Toolkit
      • Sitejet Builder for Plesk
      • SEO Toolkit
      • Joomla! Toolkit
      • Premium Email
      • Email Security
    • Bundles and packs:
      • Business and Collaboration Edition
      • WP pack
      • Hosting pack
      • Power pack
      • Language pack
      • See all Extensions
  • For Partners
    • Plesk Contributor Program
    • Plesk Partner Program
    • Affiliate Program
    • Plesk University
  • Help Center
    • Documentation
    • Professional Services
    • Support
    • Contact Us
    • Wiki
    • Forum
  • Plesk 360 login
  • Free Trial
  • Pricing
  • Solutions
    • By Role
      • For Developers
      • For Content Managers
      • For Agencies
      • For IT Admins
      • For Web Hosters
    • By Infrastructure
      • Overview
      • Plesk on Amazon Web Services (AWS & Lightsail)
      • Microsoft Azure
      • Alibaba Cloud
      • Google Cloud Platform
      • Vultr
      • DigitalOcean
      • Linode
      • UpCloud
      • Oracle
      • OVH
  • Products
  • Pricing
  • Extensions
    • Featured Extensions
      • SocialBee
      • WP Toolkit
      • Sitejet Builder for Plesk
      • SEO Toolkit
      • Joomla! Toolkit
      • Premium Email
      • Email Security
    • Bundles and packs:
      • Business and Collaboration Edition
      • WP pack
      • Hosting pack
      • Power pack
      • Language pack
      • See all Extensions
  • For Partners
    • Plesk Contributor Program
    • Plesk Partner Program
    • Affiliate Program
    • Plesk University
  • Help Center
    • Documentation
    • Professional Services
    • Support
    • Contact Us
    • Wiki
    • Forum
  • Plesk 360 login
  • Free Trial
Plesk 360 login
Free Trial

Knowledge Base

Cannot access website hosted in Plesk: the server responded with a status of 403 (ModSecurity Action)

 
firewallhostedhttphttpsip

Symptoms

  1. After activation of Atomic Professional ModSecurity at Tools & Settings > Web Application Firewall (ModSecurity), some clients cannot access websites:

    Forbidden
    You don't have permission to access /roundcube/index.php on this server.

    Failed to load resource: the server responded with a status of 403 (ModSecurity Action)

  2. Error in Chrome or Internet Explorer DeveloperTools:

    HTTP Error 403.0 - ModSecurity Action You do not have permission to view this directory or page

    Failed to load resource: the server responded with a status of 403 (ModSecurity Action)

  3. Error in Event Viewer > Windows Logs > Application:

    Message: Access denied with code 403 (phase 1).
    RBL lookup of 2.113.0.203.xbl.spamhaus.org succeeded at REMOTE_ADDR (Illegal 3rd party exploits). [line "51"] [id "350000"] [rev "2"] [severity "ERROR"] Action: Intercepted (phase 1)

  4. Unable to issue SSL certificate with the following error in Plesk GUI:

    Invalid response from https://acme-v02.api.letsencrypt.org/acme/authz-v3/12345. Details: Type: urn:ietf:params:acme:error:unauthorized Status: 403 Detail: During secondary validation: Invalid response from http://example.com/.well-known/acme-challenge/h9lLrpvgL9gsfgutUgerraF2aOas [203.0.113.2]: “[!DOCTYPE html PUBLIC “-//W3C//DTD XHTML 1.0 Strict//EN” “http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"]rn[html xmlns=“http”

    And the following entry in %plesk_dir%adminlogsphp_error.log:

    Access denied with code 403 (phase 1). RBL lookup of 130.229.222.34.xbl.spamhaus.org succeeded at REMOTE_ADDR (Illegal 3rd party exploits). [file "C:/Program Files (x86)/Plesk/ModSecurity/rules/tortix/modsec/00_asl_rbl.conf"] [line "51"] [id "350000"] [rev "2"] [msg "Global RBL Match: IP is on the xbl.spamhaus.org Blacklist (Report False Positives to www.spamhaus.org)"] [severity "ERROR"]

Cause

ModSecurity blocks access to the website from blacklisted IP address.

Resolution

To disable blocking for particular customer, white list his address.

To disable blocking based on blacklisting for all addresses, disable the rule:

  1. Log in to Plesk server via RDP
  2. Find ID of the rule that blocks the website in Event Viewer > Windows Logs > Application ().
  3. Login to Plesk as admin user
  4. Navigate to the tab  Tools & Settings > Web Application Firewall (ModSecurity) > General. 
  5. Add the rule ID mentioned in the error message to Security rule IDs field and press OK:
    rule.png
Tweet
Share
Share
Email
0 Shares
Read the full article
Related Posts

HTTP Response Status Codes Explained

Read More »

Full Site Check now scans for Google Fonts

Read More »

WordPress Firewall – Why Do You Need One?

Read More »
Knowledge Base

A website hosted in Plesk or the webmail page for it fails to load when ModSecurity is enabled

Read More »

How to customize Plesk URL

Read More »

How to secure a Plesk hostname on port 8443 with an SSL certificate (Let’s Encrypt / other certificate authorities)

Read More »

How to enable the use GET, HEAD, POST, PUT, DELETE, PATCH requests on a Plesk for Windows Server

Read More »

Hosting Wiki

  • Content Security Policy ( CSP )
  • Server Redundancy
  • Bare Metal Server
  • PhpMyAdmin
  • phpPgAdmin
  • Oracle VM Server
  • Server Virtualization Software
  • Windows Server
  • JavaScript
  • PHP
  • HTTP/3
  • HTTP/2
  • Plesk
  • Lighttpd
  • Web Server
  • DNS Server
  • IPv6
  • IPv4
  • SIP
  • SSL
  • UDP/IP
  • Firewall
  • TCP/IP
  • HTTP
X-twitter Linkedin Youtube Reddit Github
  • Product
  • Login
  • Pricing
  • Editions
  • For Partners
  • Partner Program
  • Contributor Program
  • Affiliate Program
  • Plesk University
  • Company
  • Blog
  • Careers
  • Events
  • About Plesk
  • Our Brand
  • Resources
  • User and Admin guides
  • Help Center
  • Migrate to Plesk
  • Contact Us
  • Hosting Wiki
  • Forum
  • Legal
  • Legal
  • Privacy Policy
  • Imprint

© 2025 WebPros International GmbH

Part of the WebPros®  Family