After manually removing the ModSecurity, Plesk and websites return error 503: The Module DLL C:WindowsSystem32inetsrvModSecurityIIS.dll failed to load

Symptoms

• Plesk login pages shows the following error:

  503 Service Unavailable.

• Websites are unavailable with the same 503 error.

• Under Event Viewer > Applications, the following error can be found on an attempt to start the IIS:

  The Module DLL C:WindowsSysWOW64inetsrvModSecurityIIS.dll failed to load. The data is the error.

• ModSecurity was removed manually.

Cause

ModSecurity Modules are still enabled via IIS Manager > <SERVER HOSTNAME> > Modules after the manual removal.

Resolution

1. Connect to the server via RDP.

2. Open Command Prompt under Administrator.

3. Backup applicationHost.config:

   C:> cd %systemroot%system32inetsrvconfig

   C:> copy applicationHost.config applicationHost.config.original

4. Open IIS Manager > <SERVER HOSTNAME> > Modules, select ModSecurity IIS (32bits) and ModSecurity IIS (64bits) and click Remove in the right pane.

5. In the right pane, click Configure Native Modules... and remove both ModSecurity modules, if these are present.

6. Remove component ModSecurity from Plesk via Command Prompt:

   C:> plesk installer --select-release-current --remove-component modsecurity

7. Restart IIS:

   C:> iisreset