Symptoms
-
All disabled ModSecurity rules except
210710and222212are removed every day. -
Comodo ruleset is selected for ModSecurity (Tools & Settings > Web Application Firewall (ModSecurity) > Settings).
- Ubuntu 18.04 is used on the server.
Cause
Bug with ID PPPM-12290. The issue has been fixed in Plesk 18.0.30. Please consider updating your server.
Resolution
If update is not possible for some reason you may try the following
workaround
As a workaround, create a Scheduled task that will automatically add the missing rule to be switched off (for example, 214540) after the 50plesk-daily script is executed:
-
Connect to the server via SSH.
-
Find out when
/etc/cron.daily/50plesk-dailyscript is executed on the server by running the following command:# cat /etc/crontab
In the output, the following line will be shown:
11 0 * * * root test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.daily )
In this example, script
50plesk-dailyis executed at 0:11 daily.Note: Crontab format can be checked here.
-
Go to Tools & Settings > Scheduled Tasks (Cron jobs) and click Add task.
-
Set the following parameters:
Warning: Change the 214540 in the command to the rule ID that should be switched off
-
Task type: run a command
-
Command:
echo "UPDATE WebServerSettingsParameters SET value="210710n222212n214540" where name="filterById";" | MYSQL_PWD=`cat /etc/psa/.psa.shadow` mysql -uadmin psa; /usr/sbin/plesk bin server_pref --update-web-app-firewall
-
Run: Daily, and enter the time when
/etc/cron.daily/50plesk-dailyis executed (see step 2) +20 minutes -
System user: root
-
Notify: Do not notify.
-
-
Click OK to save the task.
-
Verify that the task appeared under Tools & Settings > Scheduled Task.
