• Hi, Pleskians! We are running a UX testing of our upcoming product intended for server management and monitoring.
    We would like to invite you to have a call with us and have some fun checking our prototype. The agenda is pretty simple - we bring new design and some scenarios that you need to walk through and succeed. We will be watching and taking insights for further development of the design.
    If you would like to participate, please use this link to book a meeting. We will sent the link to the clickable prototype at the meeting.
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.
  • The ImunifyAV extension is now deprecated and no longer available for installation.
    Existing ImunifyAV installations will continue operating for three months, and after that will automatically be replaced with the new Imunify extension. We recommend that you manually replace any existing ImunifyAV installations with Imunify at your earliest convenience.

Issue Atomic Standard ruleset problem

A

andg

New Pleskian
Server operating system version
Debian 12.9
Plesk version and microupdate number
Plesk Obsidian 18.0.67 Update #3
Hi,
I recently noticed Comodo ruleset for ModSecurity is not being updated since early 2024.
Tried OWASP but was getting too many false positives so I wanted to give a try to Atomic Standard.
The problem is that when I try to apply the config I get
Code: 
modsecurity_ctl failed: file could not be opened successfully:
- method gz: ReadError('empty file')
- method bz2: ReadError('not a bzip2 file')
- method xz: ReadError('not an lzma file')
- method tar: ReadError('empty file')
So looks like I'm not really getting file rules from Atomic Standard.
Anyone encountered this problem before?
I've seen in their site you need to register to download Atomic Standard ruleset.
Maybe the implementation is broken due to the login required?
Thanks!
 
Hello, @andg . Could you please provide step-by-step instructions on what actions you performed prior to the occurrence of the error? Thank you in advance for your cooperation.
 
Hello,

I'm seeing the same issue on one of my servers. Just changing the Web Application Firewall ruleset in the admin page.
- Go to 'Tools & Settings'
- Click 'Web Application Firewall'
- Click tab Settings
- Under 'Rule sets' select 'Atomic Standard'
- Scroll to bottom of page, then click OK
- It'll show error like this

c-20250221-232236.png

Environment: Debian 12.9 (updated to latest version) Plesk Obsidian 18.0.67 Update #3

I also tried running the command line and it show the same error:

root@thz04:/etc/apache2/modsecurity.d/rules# /opt/psa/admin/sbin/modsecurity_ctl --install --enable-ruleset --ruleset tortix
file could not be opened successfully:
- method gz: ReadError('empty file')
- method bz2: ReadError('not a bzip2 file')
- method xz: ReadError('not an lzma file')
- method tar: ReadError('empty file')
Click to expand...
 
Thank you for the clarification, @icez . I wanted to make sure no specific actions were performed as I was unable to reproduce the issue on a default Debian 12 server. However, our team observed that the issue occurs if the attempt to access the Atomic files is made through IPv6 rather than by IPv4. Have you made any customizations on the server in question and set it to make requests over IPv6 by default? If that's the case, the recommended workaround is to enable IPv4 instead of IPv6 by default. If not, it will be best to open a support ticket for further investigation.
 
Thank for the update. I tried temporary disable IPv6 and run the command again and it works!


I still confusing as why this one encountered a problem as I have 3 other servers with same environment and they're set to use atomic ruleset without any problem.
 
You must log in or register to reply here.

Similar threads

I
Issue Selinux switches to permissive when updating modsecurity rules
Replies
10
Views
1K
ivanes82
I
S
Resolved Web Application Firewall: Error when changing to ruleset "Atomic Advanced (erworben über Plesk)"
Replies
4
Views
747
Sascha Schlüter
S
K
Resolved Activating/updating Atomicorp ruleset (ModSecurity) results in "unmet dependencies" error
Replies
5
Views
1K
King555
K
O
Resolved WAF / Security of VPS
Replies
1
Views
798
othmaqsa
O
K
Resolved ModSecurity: Is it now possible to switch from Comodo ruleset to Atomic on Ubuntu 18 server?
Replies
1
Views
917
King555
K
Back
Top