Choose OWASP mode
It would be great to have a select button in Plesk UI to choose between Self-contained mode and Anomaly Scoring mode for OWASP in Tools and Settings > Web Application Firewall (modsecurity)
Thank you for your input! We will consider this functionality in upcoming releases if it will be popular. Everyone, please continue voting for this feature if you consider it important.
For Comodo it should be changed on:
# vi /etc/apache2/modsecurity.d/rules/comodo_free/00_Init_Initialization.conf
Plesk ModSecurity required a revision...
You click "On" but you are actually mainly on Warning mode... as scores prefined do not bring to 403 error lots of the times...
You better manually fix this to:
the following parameters are specified in /etc/apache2/modsecurity.d/rules/owasp_modsecurity_crs_3-plesk/10-crs-setup.conf
They IMHO should be commented out:
while they should be:
**There was no RESTART is required**
# plesk sbin modsecurity_ctl --disable
# plesk sbin modsecurity_ctl --enable
# service httpd restart