So I have seen a few people having issues with mod security on Plesk 12, for some they have found it hard to see the reason why they are having site issues after upgrading and installing the module or moving to a server that has it installed.

The first thing that you need to do is check the log which you can do from within Plesk, personally I check this from the command line using grep to check if the domain is triggering any rules and to get the id of the rule it’s triggering.

If you are having issues with mod security then you have 2 options 1 disable for the entire domain (not recommended) or 2 disable that rule for the domain (recommended).

To disable Mod Security for an entire domain or a single/multiple rules you simply go into your subscription and under Websites & Domains select Web Server Settings there you can add the exception under the Additional Apache directives section once saved this will then apply the changes.

To find events for a website/domain search/grep the log for the domain name.
a few lines above the domain find a string like –aabb1234-A–. The eight charicters between hyphens are the ID of the triggered event (aabb1234)
once you have the event ID you need to search for more entries with the same ID with H after the ID (–aabb1234-H–), this contains the ID of the rule that has been triggered.
The rule ID will be a number starting with 3 [id “312345”] this is the ID that you will need to use when adding an exception for a domain.

Disable for a whole domain

    <IfModule mod_security2.c>
    SecRuleEngine Off
    </IfModule>

Disable a single rule on a domain, the rule ID will be obtained from the logs.

    <LocationMatch .*>
      <IfModule mod_security2.c>
        SecRuleRemoveById 312345
      </IfModule>
    </LocationMatch>

Add a comment

0.0(0 votes)

Next Post Previous Post