ModSecurity entries in error log... but no Comodo rule with specified ID

I am using free ModSecurity Rules (Web Application Firewall) by Comodo on my VPS. I recently migrated it to Plesk Onyx v17 (running on Ubuntu 14.04) and, when checked the error logs this morning, I noticed multiple records like this one:

[Tue Apr 11 06:26:33.063983 2017] [:error] [pid 3306:tid 140450353870592] [client XXX.XXX.XXX.XXX] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_HEADERS. [file “/etc/apache2/modsecurity.d/rules/comodo/12_HTTP_Protocol.conf”] [line “139”] [id “217270”] [rev “2”] [msg “COMODO WAF: Request Containing Content, but Missing Content-Type header||www.example.com|F|2”] [data “REQUEST_HEADERS=0”] [severity “CRITICAL”] [hostname “www.example.com”] [uri “/”] [unique_id “WOyvWX8AAQEAAAzqQuAAAAAA”]

Here XXX.XXX.XXX.XXX is the IP address of my VPS.

I decided to investigate this error but, when I opened rules file 12_HTTP_Protocol.conf mentioned in the messages, I noticed that there is actually no rule there with id “217270”: after the rule 217261 the next one listed is 217280…?

Looks like I’m stuck here… Any thoughts/suggestions?

Rule 217270 was removed during last update (10.04.2017)

And in new CWAF-client release bug with rules search is fixed.

Thanks for letting me know. That explains why I couldn’t find this rule in the 12_HTTP_Protocol.conf file, it was already updated on April 11 but the server wasn’t restarted, so ModSecurity was still using old rule set. Restarted the server now, hopefully the issue is resolved.