• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion
  • Inviting everyone to the UX test of a new security feature in the WP Toolkit
    For WordPress site owners, threats posed by hackers are ever-present. Because of this, we are developing a new security feature for the WP Toolkit. If the topic of WordPress website security is relevant to you, we would be grateful if you could share your experience and help us test the usability of this feature. We invite you to join us for a 1-hour online session via Google Meet. Select a convenient meeting time with our friendly UX staff here.

Question Error: Failed to update the ModSecurity rule set

A

Alban Staehli

Regular Pleskian
Hi,

Since early this week, I get the following message once logged into Plesk: Error: Failed to update the ModSecurity rule set
I've double-checked login/password, all looks good but it keeps failing.
I have also noted that I can't login anymore to Free ModSecurity Rules from Comodo
I even have tried to create an additional username via the signup button on Free ModSecurity Rules from Comodo, but again, once the process is complete, I can't login and Plesk keeps warning that the credentials are wrong.

Have you encountered this recently? As I start wondering if it isn't an issue with Comodo itself....

Thanks.
 
"Failed to update the ModSecurity rule set" only says that an update of existing rules could not be performed. This is normally caused by overloaded servers of the specific ruleset and will be solved automatically after a few more attempts, e.g. next night during the nightly maintenance.

I recently experienced similar issues with Comodo when installing a new server, so I went with the Atomic ruleset instead. Maybe there is a general issue with Comodo.
 
@Peter Debik I've now tried to switch to Atomic Basic ModSecurity, but there are no rules.... it's like empty.
When I navigate to the WAF settings under a domain, it doesn't allow to browse the rules to exclude some of them for instance. The rules are empty.

Nevertheless, in the logs, I could see some errors being caught:
Message: [file "/etc/httpd/conf/modsecurity.d/rules/tortix/modsec/50_plesk_basic_asl_rules.conf"] [line "179"] [id "33340162"] [rev "294"] [msg "Protected by Atomicorp.com Basic Non-Realtime WAF Rules: URL detected as argument, possible RFI attempt detected"] [data "%TX:1,TX:1"] [severity "CRITICAL"] Access denied with code 403 (phase 2). Match of "beginsWith %{request_headers.host}" against "TX:1" required.

Is it expected to have rules available in the WAF settings under the domain with Atomic Basic rules?
 

Attachments

  • wafrulesempty.png
    wafrulesempty.png
    30.4 KB · Views: 18
FYI - waf.comodo.com authentification is now working fine - I just got an email from their support team and tried, and all back to normal.
Nevertheless, latest update of their WAF rules is November 2020. So not so fresh.
 
You must log in or register to reply here.

Similar threads

S
Question ModSecurity Comodo no rule update for weeks?
Replies
5
Views
990
Ehud
Ehud
H
Issue Using atomic corp rules for modsecurity but updating page via elementor doesn't work and gives internal server error.
Replies
1
Views
366
Peter Debik
P
finbarr69
Resolved /var/awp/etc/config: No such file or directory, Failed to update the ModSecurity rule set
Replies
5
Views
2K
8tango
8
T
Apache2 ModSec Error - Apache2 fails to start and AH00111 error
Replies
1
Views
1K
Peter Debik
P
U
Issue Error message ID 19494#0, 5467#0 and ModSecurity
Replies
3
Views
2K
Peter Debik
P
Back
Top