How to disable specific ModSecurity rules in Plesk like a pro?

At Bobcares, we offer solutions for every query, big and small, as a part of our Server Management Service.

Let’s take a look at how our Support Team recently helped a customer  how to disable specific ModSecurity rules in Plesk.

How to disable specific ModSecurity rules in Plesk

Before we disable certain ModSecurity rules in Plesk, our Support Techs would like to remind you that we cannot all rules due to the  MODSEC-274 bug in ModSecurity.

According to our exceptional Support Team, we can disable rules for a domain via

• ModSecurity settings
• Additional Apache directive

If you prefer to disable the rules server-wide, we can do it either via rule IDs or rule tags. Let’s take a look at how to get this done in the next section.

How to disable specific ModSecurity rules in Plesk for a domain

We can do this via ModSecurity settings as seen below:

1. First, log in to Plesk.
2. Then, we will head to Web Application Firewall (ModSecurity) under example.com in the Domains section.
3. Next, we have to specify the tags, rule IDs, or a regular expression in the Switch off security rules section that we want to switch off.

   Our Support Techs would like to point out that the Switch off security rules is accessible only when the web application firewall mode is set to Detection only orOn.

   • By rule tags

     

   • By rule IDs

     

We can do this via additional ModSecurity Apache directives as seen below:

1. First, we have to log in to Plesk.
2. Then, we head to Apache & Nginx Settings under example.com in the Domains section.
3. Next, we have to create a custom Apache directive and then place it in the Additional directives for HTTP/HTTPS fields.

   For instance, we can disable rules IDs 340163 and 340162 as seen below:

   <IfModule mod_security2.c>
   SecRuleRemoveById 340163
   SecRuleRemoveById 340162
   </IfModule>

   OR

   <IfModule mod_security2.c>
   SecRuleRemoveById 340163 340162
   </IfModule>

How to disable specific ModSecurity rules in Plesk server-wide

1. First, we have to log in to Plesk.
2. Then, we head to Switch off security rules under Web Application Firewall (ModSecurity) in the Tools & Settings section.
3. Next, we have to switch off the rules via either of the following options:
   • By rule IDs:
     Here, we will add IDs from the error message to the Security rule Ids as seen below:

     

     If we want to disable more than one rule, we can add the different rule IDs on separate lines.
   • By rule tags:

     

     Here, we have to add the rule tags from the error message from the Active box to Deactivated box and then apply the changes.

[Need a solution to another query? We are just a click away.]

Conclusion

To sum up, the skilled Support Engineers at Bobcares demonstrated how to disable specific ModSecurity rules in Plesk.