Atomic Basic ModSecurity Error

[Janko1000]

Once Atomic Basic is enabled, the following error appears:

Failed to install the ModSecurity rule set: modsecurity_ctl failed: gpg: key 4520AFA9: "Atomicorp (Atomicorp Official Signing Key) <[email protected]>" not changed gpg: Total number processed: 1 gpg: unchanged: 1 gpg: Signature made Tue Jun 17 16:53:49 2014 CEST using RSA key ID 4520AFA9 gpg: Good signature from "Atomicorp (Atomicorp Official Signing Key) <[email protected]>" gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Primary key fingerprint: 1818 66DF 9DAC A40E 5B42 9B08 FFBD 5D0A 4520 AFA9 TERM environment variable not set. --2014-06-19 02:18:24-- http://www.atomicorp.com/RPM-GPG-KEY.atomicorp.txt Resolving www.atomicorp.com (www.atomicorp.com)... 198.71.51.132 Connecting to www.atomicorp.com (www.atomicorp.com)|198.71.51.132|:80... connected. HTTP request sent, awaiting response... 200 OK Length: 1694 (1.7K) [text/plain] Saving to: `STDOUT' 0K . 100% 4.22M=0s 2014-06-19 02:18:25 (4.22 MB/s) - written to stdout [1694/1694] aum failed with exitcode 127. stdout: stderr: aum: relocation error: /lib32/libresolv.so.2: symbol strlen, version GLIBC_2.0 not defined in file libc.so.6 with link time reference Unable to download tortix rule set

OS 	Debian 7.5
Plesk version 	12.0.18 Update #4, last updated at June 18, 2014 02:51 AM

 

[atomicturtle]

Thanks for the report! AUM 4.0.3-15 has been released to address the glibc update issue you ran in to. It should be available in all the mirrors today

 

[CarimE]

Same prob here!

Der ModSecurity-Regelsatz konnte nicht installiert werden: modsecurity_ctl failed: gpg: key 4520AFA9: "Atomicorp (Atomicorp Official Signing Key) <[email protected]>" not changed gpg: Total number processed: 1 gpg: unchanged: 1 gpg: Signature made Wed Jun 25 18:41:22 2014 CEST using RSA key ID 4520AFA9 gpg: fatal: /var/lib/plesk/modsec/.gnupg/trustdb.gpg: invalid trustdb secmem usage: 1408/1408 bytes in 2/2 blocks of pool 1408/32768 Command '['gpg', '--homedir', '/var/lib/plesk/modsec/.gnupg', '--verify', '/tmp/tmpWNQW1n/aum-plesk-installer.asc']' returned non-zero exit status 2 Unable to download tortix rule set

uname -a
Linux 3.2.0-4-amd64 #1 SMP Debian 3.2.57-3+deb7u2 x86_64 GNU/Linux

Debian 7.5

12.0.18 Update #6

 

[CarimE]

Any suggestions here?

 

[AndreasI]

Same Probs too

Fehler: Der ModSecurity-Regelsatz konnte nicht aktualisiert werden: modsecurity_ctl failed: gpg: key 4520AFA9: "Atomicorp (Atomicorp Official Signing Key) <[email protected]>" not changed gpg: Total number processed: 1 gpg: unchanged: 1 gpg: Signature made Tue Jul 8 23:30:40 2014 MEST using RSA key ID 4520AFA9 gpg: Good signature from "Atomicorp (Atomicorp Official Signing Key) <[email protected]>" gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Primary key fingerprint: 1818 66DF 9DAC A40E 5B42 9B08 FFBD 5D0A 4520 AFA9 TERM environment variable not set. [url]ftp://ftp.xxxxxxxxxxx.net/pub/linux/CentOS/6/updates/x86_64/repodata/f785c809e034efb864e2b554112fbfb9091734b75e21975d20a6f3a20345e2da-primary.sqlite.bz2:[/url] [Errno 14] PYCURL ERROR 19 - "Given file does not exist" Trying other mirror. Error: failure: repodata/f785c809e034efb864e2b554112fbfb9091734b75e21975d20a6f3a20345e2da-primary.sqlite.bz2 from updates: [Errno 256] No more mirrors to try. Command '/bin/bash < /tmp/tmpUlAMOc/aum-plesk-installer' returned non-zero exit status 1 Unable to download tortix rule set

OS 	CentOS 6.5 (Final)
Plesk Version 	12.0.18 Update #7, zuletzt aktualisiert: Juli 9, 2014 06:30 PM

is there a solution here ?

Thx

 

[RenéJ]

Error: Failed to update the ModSecurity rule set: modsecurity_ctl failed: gpg: key 4520AFA9: "Atomicorp (Atomicorp Official Signing Key) <[email protected]>" not changed gpg: Total number processed: 1 gpg: unchanged: 1 gpg: Signature made Mon Jul 14 14:18:28 2014 UTC using RSA key ID 4520AFA9 gpg: Good signature from "Atomicorp (Atomicorp Official Signing Key) <[email protected]>" gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Primary key fingerprint: 1818 66DF 9DAC A40E 5B42 9B08 FFBD 5D0A 4520 AFA9 TERM environment variable not set. --2014-07-15 06:25:38-- http://www.atomicorp.com/RPM-GPG-KEY.atomicorp.txt Resolving www.atomicorp.com (www.atomicorp.com)... 198.71.51.132 Connecting to www.atomicorp.com (www.atomicorp.com)|198.71.51.132|:80... connected. HTTP request sent, awaiting response... 200 OK Length: 1694 (1.7K) [text/plain] Saving to: `STDOUT' 0K . 100% 48.0M=0s 2014-07-15 06:25:38 (48.0 MB/s) - written to stdout [1694/1694] [Errno 8] Exec format error Unable to download tortix rule set

Debian 7 AMD64
Plesk 12.0.18

 

[IgorG]

We are working with atomic on this problem.

 

[elemental.tm]

We are working with atomic on this problem.

Hi IgorG, has this been fixed yet?

Thanks in advance.

 

[IgorG]

Yes, it should be fixed in latest microupdates.

 

[VÃ ctorS]

meanwhile ... any solution that can be applied nowadays?

 

[dancespain]

I have same issue and Atomic rules are blocking Googlebot (for adsense) and Google Robot. I deactivate manually mod_security, when will you repair this?

 

[elcopdoo]

Same problem here, Atomic blocking Google robot, our site was removed in Google listing...
And after latest update(MU13):
Error: Failed to update the ModSecurity rule set: modsecurity_ctl failed: HTTP Error 401: basic auth failed Unable to download atomic rule set
We have license for security-core-with-atomicorp-modsecurity-rules

 

[Brujo]

I have same issue and Atomic rules are blocking Googlebot (for adsense) and Google Robot. I deactivate manually mod_security, when will you repair this?

+1 same for me

Plesk 12.0.18 Update #11 & Atomic Basic ModSecurity rule set on Centos 6.5

 

[elcopdoo]

I resolved this issue by changing rule set to:
Atomic Professional ModSecurity rule set

 

[Brujo]

I resolved this issue by changing rule set to:
Atomic Professional ModSecurity rule set

is this the subscription version ? because it must also work within the free version when plesk offer it!

 

[Yaashul]

I am using plesk 12 with microupdate 13 But I am still facing this modsecurity issue yet.

Failed to install the ModSecurity rule set: modsecurity_ctl failed: gpg: key 4520AFA9: "Atomicorp (Atomicorp Official Signing Key) <[email protected]>" not changed gpg: Total number processed: 1 gpg: unchanged: 1 gpg: Signature made Tue Jul 29 22:03:33 2014 IST using RSA key ID 4520AFA9 gpg: Good signature from "Atomicorp (Atomicorp Official Signing Key) <[email protected]>" gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Primary key fingerprint: 1818 66DF 9DAC A40E 5B42 9B08 FFBD 5D0A 4520 AFA9 TERM environment variable not set. sed: can't read /etc/asl/config: No such file or directory Command '['sed', '-i', '-e', 's#^MODSEC_RULES_PATH\\s*=.*#MODSEC_RULES_PATH="/tmp/tmp08NbNV/modsec"#g', '-e', 's#^RESTART_APACHE\\s*=.*#RESTART_APACHE="no"#g', '-e', 's#^AUTOMATIC_UPDATES\\s*=.*#AUTOMATIC_UPDATES="no"#g', '/etc/asl/config']' returned non-zero exit status 2 Unable to download tortix rule set

 

[Xantron]

Same problem ....

Please fix it!

 

[UFHH01]

Hi Xantron,

You have a different issue/problem, as you can read in your error message: Could not get lock /var/lib/dpkg/lock - which results to a similar issue, but not the same reason as above.

Please use:

sudo lsof /var/lib/dpkg/lock​

to find the process that owns the current lock file. If your search with lsof has no current process assigned, it is maybe a leftover from your last boot and you should kill it with:

sudo kill -9 PID_FILE_ID_NUMBER
​

If you still experience the same issue/problem, after you resolved your first one, please try to change the rule set and afterwards please try to switch back to the initial one. If you experience a similar issue/problem again, please try to de- and re-install the whole ModSecurity package with these two commands:

De - install:

/usr/local/psa/admin/bin/autoinstaller --select-product-id plesk --select-release-current --remove-component modsecurity​

Re- install:

/usr/local/psa/admin/bin/autoinstaller --select-product-id plesk --select-release-current --reinstall-patch --install-component modsecurity​

If you still have issues, please provide again the actual error - message(s) to investigate them and to help you with further suggestions and work - arounds.

 

[Dirk_Meij]

Hi,

I am getting this error al of a sudden:

Error: Failed to update the ModSecurity rule set: modsecurity_ctl failed: gpg: key 4520AFA9: "Atomicorp (Atomicorp Official Signing Key) <[email protected]>" not changed gpg: Total number processed: 1 gpg: unchanged: 1 gpg: Signature made Mon Dec 29 16:43:55 2014 CET using RSA key ID 4520AFA9 gpg: Good signature from "Atomicorp (Atomicorp Official Signing Key) <[email protected]>" gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Primary key fingerprint: 1818 66DF 9DAC A40E 5B42 9B08 FFBD 5D0A 4520 AFA9 TERM environment variable not set. aum failed with exitcode 3. stdout: Checking versions ... ------------------------------------------------------------------------------- Errors were encountered: L CODE SOURCE MESSAGE - ---- ----------------------------- ------------------------------------------ [1;31m3 16 ASLCommon::get_lock Another instance of ASL is running. [0m stderr: sh: /sbin/ifconfig: No such file or directory Unable to download tortix rule set

Does any one have a quick fox for this?

Thanks in advance, //Dirk

 

[quark]

Still have this problem in Plesk 12.0.18 Update #44 and CentOS 7 (7.1.1503):
Failed to install the ModSecurity rule set: modsecurity_ctl failed: gpg: key 4520AFA9: "Atomicorp (Atomicorp Official Signing Key) <[email protected]>" not changed gpg: Total number processed: 1 gpg: unchanged: 1 gpg: Signature made Wed Apr 8 18:33:13 2015 EEST using RSA key ID 4520AFA9 gpg: Good signature from "Atomicorp (Atomicorp Official Signing Key) <[email protected]>" gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Primary key fingerprint: 1818 66DF 9DAC A40E 5B42 9B08 FFBD 5D0A 4520 AFA9 TERM environment variable not set. aum failed with exitcode 3. stdout: Invalid configuration file, attempting to repair ... No valid configurations found. Please run: /var/asl/bin/asl -c stderr: Unable to download tortix rule set

Update:
After I updated Plesk to Plesk 12.0.18 Update #45 and I uninstalled and reinstalled modsecurity from GUI, when I try to enable modsecurity I get:

Error: modsecurity_ctl failed: /usr/local/psa//admin/sbin/httpd_modules_ctl: line 110: /etc/httpd/conf.d/security2.conf.rpmsave
/etc/httpd/conf.d/security2.conf.new: No such file or directory
cat: /etc/httpd/conf.d/security2.conf.rpmsave
/etc/httpd/conf.d/security2.conf: No such file or directory
mv: cannot stat '/etc/httpd/conf.d/security2.conf.rpmsave\n/etc/httpd/conf.d/security2.conf.new': No such file or directory