Symptoms
Note: This article is applicable for Plesk on CentOS 7/CloudLinux 7 only.
- ModSecurity is disabled in Plesk > Tools & Settings > Web Application Firewall right after its installation;
- However when checking ModSecurity status on the server by logging via SSH, the status shows that service is enabled:
# plesk sbin modsecurity_ctl -s
Enabled
-
And vice versa: Plesk shows that ModSecurity is enabled, but in fact, it is disabled on the server.
-
ModSecurity cannot be disabled with the commands below:
# plesk sbin modsecurity_ctl -d
#It remains enabled:
# plesk sbin modsecurity_ctl -s
Enabled
Cause
Bug with ID #PPPM-8557 which has been fixed in Plesk Obsidian.
Resolution
If upgrade is not possible, apply the following workaround:
Workaround
-
Enable and then disable ModSecurity via Plesk > Tools & Settings > Web Application Firewall.
-
In case ModSecurity should be set on, enable it again via Plesk > Tools & Settings > Web Application Firewall.