Symptoms
- The warning about outdated WAF ruleset is shown in Imunify360 dashboard in Plesk
Your ModSecurity (WAF) ruleset Is outdated (current version Is 5.40, latest version Is 5.41). We highly recommend
updating them as soon as possible in order to protect your server against malware and compromise. Please, update
the ruleset manually or make sure that the auto-update option is enabled.
- The proper ruleset is installed
# plesk sbin modsecurity_ctl -L --enabled
custom
- After executing the following command the version is not changed:
# imunify360-agent update --force modsec-rules
# cat /etc/httpd/conf/modsecurity.d/rules/custom/VERSION
4.92
Cause
A 3rd-party rule set is being used by ModSecurity, rather than the custom rule set from Imunify360.
Resolution
1. Connect to the server via SSH
2. Remove the current ModSecurity ruleset
# plesk sbin modsecurity_ctl --disable-all-rules --ruleset tortix
3. Reinstall Imunify360 ModSecurity ruleset
# imunify360-agent install-vendors