Issue Atomic Standard ruleset problem

[andg]

Server operating system version

Debian 12.9

Plesk version and microupdate number

Plesk Obsidian 18.0.67 Update #3

Hi,
I recently noticed Comodo ruleset for ModSecurity is not being updated since early 2024.
Tried OWASP but was getting too many false positives so I wanted to give a try to Atomic Standard.
The problem is that when I try to apply the config I get

modsecurity_ctl failed: file could not be opened successfully:
- method gz: ReadError('empty file')
- method bz2: ReadError('not a bzip2 file')
- method xz: ReadError('not an lzma file')
- method tar: ReadError('empty file')

So looks like I'm not really getting file rules from Atomic Standard.
Anyone encountered this problem before?
I've seen in their site you need to register to download Atomic Standard ruleset.
Maybe the implementation is broken due to the login required?
Thanks!

 

[Sebahat.hadzhi]

Hello, @andg . Could you please provide step-by-step instructions on what actions you performed prior to the occurrence of the error? Thank you in advance for your cooperation.

 

[icez]

Hello,

I'm seeing the same issue on one of my servers. Just changing the Web Application Firewall ruleset in the admin page.
- Go to 'Tools & Settings'
- Click 'Web Application Firewall'
- Click tab Settings
- Under 'Rule sets' select 'Atomic Standard'
- Scroll to bottom of page, then click OK
- It'll show error like this



Environment: Debian 12.9 (updated to latest version) Plesk Obsidian 18.0.67 Update #3

I also tried running the command line and it show the same error:

root@thz04:/etc/apache2/modsecurity.d/rules# /opt/psa/admin/sbin/modsecurity_ctl --install --enable-ruleset --ruleset tortix
file could not be opened successfully:
- method gz: ReadError('empty file')
- method bz2: ReadError('not a bzip2 file')
- method xz: ReadError('not an lzma file')
- method tar: ReadError('empty file')

 

[Sebahat.hadzhi]

Thank you for the clarification, @icez . I wanted to make sure no specific actions were performed as I was unable to reproduce the issue on a default Debian 12 server. However, our team observed that the issue occurs if the attempt to access the Atomic files is made through IPv6 rather than by IPv4. Have you made any customizations on the server in question and set it to make requests over IPv6 by default? If that's the case, the recommended workaround is to enable IPv4 instead of IPv6 by default. If not, it will be best to open a support ticket for further investigation.

 

[icez]

Thank for the update. I tried temporary disable IPv6 and run the command again and it works!


I still confusing as why this one encountered a problem as I have 3 other servers with same environment and they're set to use atomic ruleset without any problem.

 

[andg]

Hi, it's a recent plesk installation. No particular customizations were made. In all plesk installations I have I get the same error

 

[MSandakov]

Hello.

It looks like there is an issue on Atomic's side. We observed that they are providing an empty file instead of an archive containing the ruleset for some Plesk installations. We are waiting for their response.