Resolved Atomic Base security can not update itself

[Émerson Felinto]

I'm getting this error from Atomic Base security. Any suggestions on how to solve it?

"Erro: Falha ao atualizar o conjunto de regras do ModSecurity: modsecurity_ctl failed: gpg: key 4520AFA9: "Atomicorp (Atomicorp Official Signing Key) <[email protected]>" not changed
gpg: Total number processed: 1
gpg: unchanged: 1
gpg: Signature made Wed Mar 14 15:24:49 2018 -03 using RSA key ID 4520AFA9
gpg: Good signature from "Atomicorp (Atomicorp Official Signing Key) <[email protected]>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: 1818 66DF 9DAC A40E 5B42 9B08 FFBD 5D0A 4520 AFA9
TERM environment variable not set.
aum failed with exitcode 3.
stdout:



Checking versions ...

AUM version is current: package asl is not installed[75G[[1;31m[1;32mPASS[0m[0m]


Authorization failed attempting to download an update.
The username or password may be invalid, or your license may be expired.
Please log in to the License Manager at Atomicorp and verify your account.

Further information may be found at: https://www.atomicorp.com/wiki/index.php/ASL_FAQ#HTTP_Error_401:_Authorization_Required.

-------------------------------------------------------------------------------
Errors were encountered:

L CODE SOURCE MESSAGE
- ---- ----------------------------- ------------------------------------------
[1;31m3 303 Core::distributed_update Invalid user credentials
[0m(hide IP)
(hide IP)
(hide IP)

stderr:
Unable to download tortix rule set"

 

[MarkM]

Atomicorp ModSecurity ruleset update fails

 

[Émerson Felinto]

How can I enter my credentials in plesk?

 

[Matthl]

looks like this problem: Issue - ModSecurity - Authorization failed attempting to download an update

 

[Matthl]

Atomicorp ModSecurity ruleset update fails

The support page says we should contact Atomicorp for activation of the account. I can't remember creating an account for using the Atomic Basic ModSecurity ruleset half a year ago. There is no field for entering account data for the basic ruleset in plesk. Isn't or wasn't there a global account that plesk uses(d)? The config files seem to use "plesk_global_unpaid" and some password for the user.

 

[MarkM]

Yes, that username and password is the same for all.

Your AUM may be corrupted. Have you tried doing a reinstall?
How to reinstall ModSecurity?

 

[Matthl]

Followed the guide for reinstallation of modsec closely. Now this error shows up, when trying to switch on modsec with atomic basic ruleset. So now it's worse than before, since modsec is off now.

Expand/Collapse Block: Error

Failed to install the ModSecurity rule set: modsecurity_ctl failed: gpg: key 4520AFA9: "Atomicorp (Atomicorp Official Signing Key) <[email protected]>" not changed gpg: Total number processed: 1 gpg: unchanged: 1 gpg: assuming signed data in `/tmp/tmpc8K6JQ/aum' gpg: Signature made Wed Mar 14 19:24:49 2018 CET using RSA key ID 4520AFA9 gpg: Good signature from "Atomicorp (Atomicorp Official Signing Key) <[email protected]>" gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Primary key fingerprint: 1818 66DF 9DAC A40E 5B42 9B08 FFBD 5D0A 4520 AFA9 TERM environment variable not set. converted 'https://www.atomicorp.com/RPM-GPG-KEY.atomicorp.txt' (ANSI_X3.4-1968) -> 'https://www.atomicorp.com/RPM-GPG-KEY.atomicorp.txt' (UTF-8) --2018-03-18 08:37:02-- https://www.atomicorp.com/RPM-GPG-KEY.atomicorp.txt Resolving www.atomicorp.com (www.atomicorp.com)... 74.208.77.16 Connecting to www.atomicorp.com (www.atomicorp.com)|74.208.77.16|:443... connected. HTTP request sent, awaiting response... 200 OK Length: 1694 (1.7K) [text/plain] Saving to: 'STDOUT' 0K . 100% 47.5M=0s 2018-03-18 08:37:03 (47.5 MB/s) - written to stdout [1694/1694] sed: can't read /etc/asl/config: No such file or directory Command '['sed', '-i', '-e', 's#^MODSEC_RULES_PATH\\s*=.*#MODSEC_RULES_PATH="/etc/apache2/modsecurity.d/rules/tortix/modsec"#g', '-e', 's#^RESTART_APACHE\\s*=.*#RESTART_APACHE="no"#g', '-e', 's#^AUTOMATIC_UPDATES\\s*=.*#AUTOMATIC_UPDATES="no"#g', '/etc/asl/config']' returned non-zero exit status 2 Unable to download tortix rule set

 

[HansMobron]

I did remove and reinstall ModSecurity, re configure true the
Webserver Configurations Troubleshooter and all other suggestions in the KB whit as result i can't
activate ModSecurity anymore.

 

[MarkM]

Followed the guide for reinstallation of modsec closely. Now this error shows up, when trying to switch on modsec with atomic basic ruleset. So now it's worse than before, since modsec is off now.

Expand/Collapse Block: Error

Failed to install the ModSecurity rule set: modsecurity_ctl failed: gpg: key 4520AFA9: "Atomicorp (Atomicorp Official Signing Key) <[email protected]>" not changed gpg: Total number processed: 1 gpg: unchanged: 1 gpg: assuming signed data in `/tmp/tmpc8K6JQ/aum' gpg: Signature made Wed Mar 14 19:24:49 2018 CET using RSA key ID 4520AFA9 gpg: Good signature from "Atomicorp (Atomicorp Official Signing Key) <[email protected]>" gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Primary key fingerprint: 1818 66DF 9DAC A40E 5B42 9B08 FFBD 5D0A 4520 AFA9 TERM environment variable not set. converted 'https://www.atomicorp.com/RPM-GPG-KEY.atomicorp.txt' (ANSI_X3.4-1968) -> 'https://www.atomicorp.com/RPM-GPG-KEY.atomicorp.txt' (UTF-8) --2018-03-18 08:37:02-- https://www.atomicorp.com/RPM-GPG-KEY.atomicorp.txt Resolving www.atomicorp.com (www.atomicorp.com)... 74.208.77.16 Connecting to www.atomicorp.com (www.atomicorp.com)|74.208.77.16|:443... connected. HTTP request sent, awaiting response... 200 OK Length: 1694 (1.7K) [text/plain] Saving to: 'STDOUT' 0K . 100% 47.5M=0s 2018-03-18 08:37:03 (47.5 MB/s) - written to stdout [1694/1694] sed: can't read /etc/asl/config: No such file or directory Command '['sed', '-i', '-e', 's#^MODSEC_RULES_PATH\\s*=.*#MODSEC_RULES_PATH="/etc/apache2/modsecurity.d/rules/tortix/modsec"#g', '-e', 's#^RESTART_APACHE\\s*=.*#RESTART_APACHE="no"#g', '-e', 's#^AUTOMATIC_UPDATES\\s*=.*#AUTOMATIC_UPDATES="no"#g', '/etc/asl/config']' returned non-zero exit status 2 Unable to download tortix rule set

I'd do it one more time. Based on the error, it looks like you have an incomplete install.

 

[Matthl]

I'd do it one more time. Based on the error, it looks like you have an incomplete install.

Already did that. Didn't help.
We are five people now with the problem in this thread and the other one. Maybe it's a more global problem. Maybe there are only so few because it's weekend.
Since i don't have time for further tests anyway i will wait a day or two before investigating more deeply. Thank you so far.

 

[MarkM]

Alright, well go to Atomicorp's website, grab a year free trial of the basic modsec rules, drop your own username and password into /etc/asl/config and then call it a day

 

[Matthl]

Alright, well go to Atomicorp's website, grab a year free trial of the basic modsec rules, drop your own username and password into /etc/asl/config and then call it a day

Works with own account. Thank you! But had to mind, that plesk changes username/password back to the global one when changing settings in the interface.

sudo /usr/local/psa/bin/sw-engine-pleskrun /usr/local/psa/admin/plib/DailyMaintainance/script.php –f UpdateModSecurityRuleSet

...now runs without error.

What might be interesting - the URL for the update from the /etc/asl/config:

www.atomicorp.com/channels/asl-3.0/rules/

works with my own atomicorp account, but not with the global one from the config.

 

[MarkM]

For future reference you also run "aum -u" instead of the entire daily maintenance.

Glad you got it working!

 

[MarkM]

Worked with Jim @ Atomicorp. The "plesk_global_unpaid" user is good to go now.