• Please be aware: Kaspersky Anti-Virus has been deprecated
    With the upgrade to Plesk Obsidian 18.0.64, "Kaspersky Anti-Virus for Servers" will be automatically removed from the servers it is installed on. We recommend that you migrate to Sophos Anti-Virus for Servers.
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.
  • We’re working on enhancing the Monitoring feature in Plesk, and we could really use your expertise! If you’re open to sharing your experiences with server and website monitoring or providing feedback, we’d love to have a one-hour online meeting with you.

Resolved Atomic Base security can not update itself

Émerson Felinto

Émerson Felinto

Regular Pleskian
I'm getting this error from Atomic Base security. Any suggestions on how to solve it?

"Erro: Falha ao atualizar o conjunto de regras do ModSecurity: modsecurity_ctl failed: gpg: key 4520AFA9: "Atomicorp (Atomicorp Official Signing Key) <[email protected]>" not changed
gpg: Total number processed: 1
gpg: unchanged: 1
gpg: Signature made Wed Mar 14 15:24:49 2018 -03 using RSA key ID 4520AFA9
gpg: Good signature from "Atomicorp (Atomicorp Official Signing Key) <[email protected]>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: 1818 66DF 9DAC A40E 5B42 9B08 FFBD 5D0A 4520 AFA9
TERM environment variable not set.
aum failed with exitcode 3.
stdout:



Checking versions ...

AUM version is current: package asl is not installed[75G[[1;31m[1;32mPASS[0m[0m]


Authorization failed attempting to download an update.
The username or password may be invalid, or your license may be expired.
Please log in to the License Manager at Atomicorp and verify your account.

Further information may be found at: https://www.atomicorp.com/wiki/index.php/ASL_FAQ#HTTP_Error_401:_Authorization_Required.

-------------------------------------------------------------------------------
Errors were encountered:

L CODE SOURCE MESSAGE
- ---- ----------------------------- ------------------------------------------
[1;31m3 303 Core::distributed_update Invalid user credentials
[0m(hide IP)
(hide IP)
(hide IP)

stderr:
Unable to download tortix rule set"
 
Mark Muyskens said:
Atomicorp ModSecurity ruleset update fails
Click to expand...
The support page says we should contact Atomicorp for activation of the account. I can't remember creating an account for using the Atomic Basic ModSecurity ruleset half a year ago. There is no field for entering account data for the basic ruleset in plesk. Isn't or wasn't there a global account that plesk uses(d)? The config files seem to use "plesk_global_unpaid" and some password for the user.
 
Last edited:
Followed the guide for reinstallation of modsec closely. Now this error shows up, when trying to switch on modsec with atomic basic ruleset. So now it's worse than before, since modsec is off now.
Failed to install the ModSecurity rule set: modsecurity_ctl failed: gpg: key 4520AFA9: "Atomicorp (Atomicorp Official Signing Key) <[email protected]>" not changed gpg: Total number processed: 1 gpg: unchanged: 1 gpg: assuming signed data in `/tmp/tmpc8K6JQ/aum' gpg: Signature made Wed Mar 14 19:24:49 2018 CET using RSA key ID 4520AFA9 gpg: Good signature from "Atomicorp (Atomicorp Official Signing Key) <[email protected]>" gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Primary key fingerprint: 1818 66DF 9DAC A40E 5B42 9B08 FFBD 5D0A 4520 AFA9 TERM environment variable not set. converted 'https://www.atomicorp.com/RPM-GPG-KEY.atomicorp.txt' (ANSI_X3.4-1968) -> 'https://www.atomicorp.com/RPM-GPG-KEY.atomicorp.txt' (UTF-8) --2018-03-18 08:37:02-- https://www.atomicorp.com/RPM-GPG-KEY.atomicorp.txt Resolving www.atomicorp.com (www.atomicorp.com)... 74.208.77.16 Connecting to www.atomicorp.com (www.atomicorp.com)|74.208.77.16|:443... connected. HTTP request sent, awaiting response... 200 OK Length: 1694 (1.7K) [text/plain] Saving to: 'STDOUT' 0K . 100% 47.5M=0s 2018-03-18 08:37:03 (47.5 MB/s) - written to stdout [1694/1694] sed: can't read /etc/asl/config: No such file or directory Command '['sed', '-i', '-e', 's#^MODSEC_RULES_PATH\\s*=.*#MODSEC_RULES_PATH="/etc/apache2/modsecurity.d/rules/tortix/modsec"#g', '-e', 's#^RESTART_APACHE\\s*=.*#RESTART_APACHE="no"#g', '-e', 's#^AUTOMATIC_UPDATES\\s*=.*#AUTOMATIC_UPDATES="no"#g', '/etc/asl/config']' returned non-zero exit status 2 Unable to download tortix rule set
 
Last edited:
I did remove and reinstall ModSecurity, re configure true the
Webserver Configurations Troubleshooter and all other suggestions in the KB whit as result i can't
activate ModSecurity anymore.
 
Matthl said:
Followed the guide for reinstallation of modsec closely. Now this error shows up, when trying to switch on modsec with atomic basic ruleset. So now it's worse than before, since modsec is off now.
Failed to install the ModSecurity rule set: modsecurity_ctl failed: gpg: key 4520AFA9: "Atomicorp (Atomicorp Official Signing Key) <[email protected]>" not changed gpg: Total number processed: 1 gpg: unchanged: 1 gpg: assuming signed data in `/tmp/tmpc8K6JQ/aum' gpg: Signature made Wed Mar 14 19:24:49 2018 CET using RSA key ID 4520AFA9 gpg: Good signature from "Atomicorp (Atomicorp Official Signing Key) <[email protected]>" gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Primary key fingerprint: 1818 66DF 9DAC A40E 5B42 9B08 FFBD 5D0A 4520 AFA9 TERM environment variable not set. converted 'https://www.atomicorp.com/RPM-GPG-KEY.atomicorp.txt' (ANSI_X3.4-1968) -> 'https://www.atomicorp.com/RPM-GPG-KEY.atomicorp.txt' (UTF-8) --2018-03-18 08:37:02-- https://www.atomicorp.com/RPM-GPG-KEY.atomicorp.txt Resolving www.atomicorp.com (www.atomicorp.com)... 74.208.77.16 Connecting to www.atomicorp.com (www.atomicorp.com)|74.208.77.16|:443... connected. HTTP request sent, awaiting response... 200 OK Length: 1694 (1.7K) [text/plain] Saving to: 'STDOUT' 0K . 100% 47.5M=0s 2018-03-18 08:37:03 (47.5 MB/s) - written to stdout [1694/1694] sed: can't read /etc/asl/config: No such file or directory Command '['sed', '-i', '-e', 's#^MODSEC_RULES_PATH\\s*=.*#MODSEC_RULES_PATH="/etc/apache2/modsecurity.d/rules/tortix/modsec"#g', '-e', 's#^RESTART_APACHE\\s*=.*#RESTART_APACHE="no"#g', '-e', 's#^AUTOMATIC_UPDATES\\s*=.*#AUTOMATIC_UPDATES="no"#g', '/etc/asl/config']' returned non-zero exit status 2 Unable to download tortix rule set
Click to expand...

I'd do it one more time. Based on the error, it looks like you have an incomplete install.
 
Mark Muyskens said:
I'd do it one more time. Based on the error, it looks like you have an incomplete install.
Click to expand...

Already did that. Didn't help.
We are five people now with the problem in this thread and the other one. Maybe it's a more global problem. Maybe there are only so few because it's weekend.
Since i don't have time for further tests anyway i will wait a day or two before investigating more deeply. Thank you so far.
 
Alright, well go to Atomicorp's website, grab a year free trial of the basic modsec rules, drop your own username and password into /etc/asl/config and then call it a day :eek:
 
Mark Muyskens said:
Alright, well go to Atomicorp's website, grab a year free trial of the basic modsec rules, drop your own username and password into /etc/asl/config and then call it a day :eek:
Click to expand...

Works with own account. Thank you! But had to mind, that plesk changes username/password back to the global one when changing settings in the interface.
Code: 
sudo /usr/local/psa/bin/sw-engine-pleskrun /usr/local/psa/admin/plib/DailyMaintainance/script.php –f UpdateModSecurityRuleSet
...now runs without error.

What might be interesting - the URL for the update from the /etc/asl/config:
Code: 
www.atomicorp.com/channels/asl-3.0/rules/
works with my own atomicorp account, but not with the global one from the config.
 
For future reference you also run "aum -u" instead of the entire daily maintenance.

Glad you got it working!
 
You must log in or register to reply here.

Similar threads

M
Issue Failed to update ModSecurity ruleset: modsecurity_ctl failed: gpg: key 4520AFA9: "Atomicorp (Atomicorp Official Signing Key) <[email protected]>"
Replies
0
Views
1K
muhammad.faraz
M
J
Issue Issue with Atomic Advanced (bought from Plesk)
Replies
0
Views
877
jl07
J
Azurel
Resolved Error: Failed to update the ModSecurity rule set: modsecurity_ctl failed
Replies
0
Views
1K
Azurel
Azurel
S
Resolved WAF Update Error Atomic Basic ModSecurity
Replies
2
Views
1K
Sally1
S
Tize
Resolved Yum update - error
Replies
2
Views
2K
Tize
Tize
Back
Top