Knowledge Base

Outdated WAF ruleset is reported in the Imunify360 dashboard in Plesk

Symptoms

The warning about outdated WAF ruleset is shown in Imunify360 dashboard in Plesk
Your ModSecurity (WAF) ruleset Is outdated (current version Is 5.40, latest version Is 5.41). We highly recommend
updating them as soon as possible in order to protect your server against malware and compromise. Please, update
the ruleset manually or make sure that the auto-update option is enabled.

The proper ruleset is installed

# plesk sbin modsecurity_ctl -L --enabled
custom

After executing the following command the version is not changed:

# imunify360-agent update --force modsec-rules

# cat /etc/httpd/conf/modsecurity.d/rules/custom/VERSION
4.92

Cause

A 3rd-party rule set is being used by ModSecurity, rather than the custom rule set from Imunify360.

Resolution

1. Connect to the server via SSH

2. Remove the current ModSecurity ruleset

# plesk sbin modsecurity_ctl --disable-all-rules --ruleset tortix

3. Reinstall Imunify360 ModSecurity ruleset

# imunify360-agent install-vendors

See Also

Imunify360 documentation on ModSecurity and Plesk

Related Posts

How To Transfer Files Between Servers Using SSH

Exploring Plesk’s Added Value Solutions So Far in 2023

Unveiling Sitejet Builder: The Perfect Match for Your Effortless Website Creation Needs

Knowledge Base

Unable to install Imunify360 in Plesk: The value ‘buster-backports’ is invalid for APT

Imunify360 is not functioning in Plesk: Imunify agent is not running Follow the troubleshooting guide or contact support

System updates cannot be installed in Plesk due to Imunify repositories: The following signatures couldn’t be verified because the public key is not available: NO_PUBKEY

Imunify extension fails to install packages: Stopped, Error undefined

Hosting Wiki