Knowledge Base

Plesk shows wrong information about ModSecurity status right after Modsecurity installation

Symptoms

Note: This article is applicable for Plesk on CentOS 7/CloudLinux 7 only.

ModSecurity is disabled in Plesk > Tools & Settings > Web Application Firewall right after its installation;
However when checking ModSecurity status on the server by logging via SSH, the status shows that service is enabled:
# plesk sbin modsecurity_ctl -s
Enabled

And vice versa: Plesk shows that ModSecurity is enabled, but in fact, it is disabled on the server.
ModSecurity cannot be disabled with the commands below:

# plesk sbin modsecurity_ctl -d
#

It remains enabled:

# plesk sbin modsecurity_ctl -s
Enabled

Cause

Bug with ID #PPPM-8557 which has been fixed in Plesk Obsidian.

Resolution

Upgrade to Plesk Obsidian.

If upgrade is not possible, apply the following workaround:

Workaround

Log into Plesk.
Enable and then disable ModSecurity via Plesk > Tools & Settings > Web Application Firewall.
In case ModSecurity should be set on, enable it again via Plesk > Tools & Settings > Web Application Firewall.

Related Posts

CentOS Project Announces Early End-of-Life Date for CentOS 8

How to Install and Configure CSF

Wordfence vs Sucuri – WordPress Security Plugins Comparison

Knowledge Base

Unable to upload file to the website: Request body no files data length is larger than the configured limit

Websites periodically are not available in Plesk: scoreboard is full, not at MaxRequestWorkers

Custom iptables rules are reset after a system reboot on a Plesk for CentOS 7 or CloudLinux 7 server

Apache cannot be started if ModSecurity is enabled: failed to load IPs from: /etc/asl/whitelist

Hosting Wiki