• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion

Question Error: Failed to update the ModSecurity rule set

A

Alban Staehli

Regular Pleskian
Hi,

Since early this week, I get the following message once logged into Plesk: Error: Failed to update the ModSecurity rule set
I've double-checked login/password, all looks good but it keeps failing.
I have also noted that I can't login anymore to Free ModSecurity Rules from Comodo
I even have tried to create an additional username via the signup button on Free ModSecurity Rules from Comodo, but again, once the process is complete, I can't login and Plesk keeps warning that the credentials are wrong.

Have you encountered this recently? As I start wondering if it isn't an issue with Comodo itself....

Thanks.
 
"Failed to update the ModSecurity rule set" only says that an update of existing rules could not be performed. This is normally caused by overloaded servers of the specific ruleset and will be solved automatically after a few more attempts, e.g. next night during the nightly maintenance.

I recently experienced similar issues with Comodo when installing a new server, so I went with the Atomic ruleset instead. Maybe there is a general issue with Comodo.
 
@Peter Debik I've now tried to switch to Atomic Basic ModSecurity, but there are no rules.... it's like empty.
When I navigate to the WAF settings under a domain, it doesn't allow to browse the rules to exclude some of them for instance. The rules are empty.

Nevertheless, in the logs, I could see some errors being caught:
Message: [file "/etc/httpd/conf/modsecurity.d/rules/tortix/modsec/50_plesk_basic_asl_rules.conf"] [line "179"] [id "33340162"] [rev "294"] [msg "Protected by Atomicorp.com Basic Non-Realtime WAF Rules: URL detected as argument, possible RFI attempt detected"] [data "%TX:1,TX:1"] [severity "CRITICAL"] Access denied with code 403 (phase 2). Match of "beginsWith %{request_headers.host}" against "TX:1" required.

Is it expected to have rules available in the WAF settings under the domain with Atomic Basic rules?
 

Attachments

  • wafrulesempty.png
    wafrulesempty.png
    30.4 KB · Views: 18
FYI - waf.comodo.com authentification is now working fine - I just got an email from their support team and tried, and all back to normal.
Nevertheless, latest update of their WAF rules is November 2020. So not so fresh.
 
You must log in or register to reply here.

Similar threads

S
Question ModSecurity Comodo no rule update for weeks?
Replies
5
Views
990
Ehud
Ehud
H
Issue Using atomic corp rules for modsecurity but updating page via elementor doesn't work and gives internal server error.
Replies
1
Views
366
Peter Debik
P
finbarr69
Resolved /var/awp/etc/config: No such file or directory, Failed to update the ModSecurity rule set
Replies
5
Views
2K
8tango
8
T
Apache2 ModSec Error - Apache2 fails to start and AH00111 error
Replies
1
Views
1K
Peter Debik
P
U
Issue Error message ID 19494#0, 5467#0 and ModSecurity
Replies
3
Views
2K
Peter Debik
P
Back
Top