If you are using Imunify360 for server security and managing your server through Plesk, you might have encountered an important warning: “Your ModSecurity (WAF) ruleset is outdated”. This warning typically appears when the installed version of your ModSecurity ruleset is not up to date, which can expose your server to security vulnerabilities. If you’ve seen the message Imunify360 Outdated WAF Ruleset on plesk it’s essential to update your WAF ruleset to maintain optimal protection.
Your ModSecurity (WAF) ruleset is outdated (current version is 6.67, latest version is 6.83). We highly recommend updating them as soon as possible in order to protect your server against malware and compromise. Please, update the ruleset manually or make sure that the auto-update option is enabled.The warning is usually triggered when your ModSecurity ruleset is outdated, and it can happen when a third-party ruleset (like Tortix) is in use instead of the official Imunify360 ruleset. Even though your server may be showing that the ruleset is properly installed, the version might still be behind. For example, you might run the command.
plesk sbin modsecurity_ctl -L --enabled and see that the custom ruleset is enabled, but when you check the version using the command
cat /etc/httpd/conf/modsecurity.d/rules/custom/VERSIONit shows an older version 6.67 .
Steps to Resolve the Issue:Imunify360 Outdated WAF Ruleset on plesk
To fix this issue and ensure that the latest ModSecurity ruleset protects your server, follow these steps:
1. Connect to the Server via SSH
Log in to your server through SSH to perform the necessary steps to resolve the issue.
2. Disable Current ModSecurity Ruleset
Before installing the updated ruleset, you need to disable the current ruleset. This can be done by running the following command:
plesk sbin modsecurity_ctl --disable-all-rules --ruleset tortixThis command will disable the third-party Tortix ruleset that might be conflicting with the Imunify360 ruleset.
3. Reinstall Imunify360 ModSecurity Ruleset
Once the conflicting ruleset is disabled, you need to install the official Imunify360 ruleset. To do this, run the following command:
imunify360-agent install-vendorsThis command will reinstall the Imunify360 vendor ruleset, ensuring that the latest security updates are applied.
4. Verify the Installation
After the installation is complete, verify that the ruleset has been updated by checking the version again. You should now see the updated version in the configuration file:
cat /etc/httpd/conf/modsecurity.d/rules/custom/VERSIONAlso, please note that the Imunify360 dashboard is updated once a day, so the warning shown in the dashboard will be cleared only within the next 24 hours.
Conclusion
Following these simple steps, you can quickly resolve the outdated WAF ruleset warning in Imunify360. Keeping your ModSecurity rules up to date is crucial for protecting your server from malware, vulnerabilities, and other online threats. Always ensure that your auto-update option is enabled for future rule updates, and perform regular security checks to maintain the integrity of your server.
If you’re encountering the “Imunify360 Outdated WAF Ruleset on plesk” and are unsure how to resolve it, it’s essential to seek professional support. Outdated security rules can leave your server vulnerable to attacks, and updating the ruleset is critical to maintaining a secure environment. With Plesk Server Management Services, you can ensure that your server is properly configured, secured, and running the latest updates.
