• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion

Forwarded to devs Error: Failed to update the ModSecurity rule set.

Azurel

Azurel

Silver Pleskian
Username: Azurel

TITLE

Error: Failed to update the ModSecurity rule set.

PRODUCT, VERSION, OPERATING SYSTEM, ARCHITECTURE

CentOS Linux 8.3.2011
Plesk Obsidian Version 18.0.34 Update #1

PROBLEM DESCRIPTION

On home with Obsidian 18.0.34 Update #1 I get
Error: Failed to update the ModSecurity rule set.
Click to expand...

Web Application Firewall shows
Error: Failed to update the ModSecurity rule set: modsecurity_ctl failed: ERROR:root:Error
Traceback (most recent call last):
File "/usr/lib64/plesk-9.0/modsecurity_get_vendor_ruleset/modsecurity_get_vendor_ruleset.py", line 53, in main
File "/usr/lib64/plesk-9.0/modsecurity_get_vendor_ruleset/modsecurity_get_vendor_ruleset.py", line 35, in get_vendor_ruleset
File "/usr/lib64/plesk-9.0/modsecurity_get_vendor_ruleset/plesk_atomic.py", line 84, in download
with closing(urllib2.urlopen(url, timeout=15)) as fin:
File "/usr/lib64/python2.7/urllib2.py", line 154, in urlopen
return opener.open(url, data, timeout)
File "/usr/lib64/python2.7/urllib2.py", line 429, in open
response = self._open(req, data)
File "/usr/lib64/python2.7/urllib2.py", line 447, in _open
'_open', req)
File "/usr/lib64/python2.7/urllib2.py", line 407, in _call_chain
result = func(*args)
File "/usr/lib64/python2.7/urllib2.py", line 1243, in https_open
context=self._context)
File "/usr/lib64/python2.7/urllib2.py", line 1200, in do_open
raise URLError(err)
URLErrorWrapper: Error interacting with https://waf.comodo.com/doc/meta_comodo_apache.yaml: <urlopen error [Errno 113] No route to host>
Unable to download comodo_free rule set
Click to expand...

STEPS TO REPRODUCE

see description

ACTUAL RESULT

see description

EXPECTED RESULT

If this is not an error, but only a temporary timeout to load the rules, then it should be described as such and not show this kind of error message?
If it should, then feel free to just ignore my ticket. ;)

ANY ADDITIONAL INFORMATION

URL https://waf.comodo.com/doc/meta_comodo_apache.yaml response with ERR_CONNECTION_TIMED_OUT

YOUR EXPECTATIONS FROM PLESK SERVICE TEAM

Confirm bug
 
Last edited:
Please read this report carefully. That issue was a timeout, because the comodo website was temporary not available. The problem here is how the timeout error is communicated by plesk.
 
How could a software know if the inaccessibility of a source file that is stored elsewhere is temporary or perpetuous? How could the software know whether it is caused by an unavailability of an URI, an IP block of a firewall or a temporary outage of the source server?
 
Please compare it with a browser. If a website is not accessible, then the browser manufacturer does not show me any lines of programming code with errors, but simply says that the page is not accessible, with a short code like
URL Free ModSecurity Rules from Comodo: response with ERR_CONNECTION_TIMED_OUT
Click to expand...
That's all it's about here. Instead of unnecessarily displaying this jumble of phyton code lines, it is sufficient to simply display that the query currently has a timeout. So this line (or like this) would be more as sufficient
Error interacting with Free ModSecurity Rules from Comodo: <urlopen error [Errno 113] No route to host>
Unable to download comodo_free rule set
Click to expand...
Is included in error message above at last two lines.

However, as I noted, this is simply an improvement in display this message in plesk GUI. Currently, for some it certainly seems as if something is broken with Plesk. This is just a friendly hint. If you think that should be so complex, then that's fine with me.
 
In the last few days there have been various messages here in the forum that the update of the comodo ruleset has failed. we have also had this for a few days on different servers centos 7 and 8.
 
I have today this download error again and the message is already shortened
Error: Failed to update the ModSecurity rule set: modsecurity_ctl failed: Failed to download comodo_free rule set.
Click to expand...
So this report is already fixed. ;)
However, the reason should have been specified here. Otherwise many stupid questions come up. Why not specify the URL of the problem? Then everyone could see for themselves that there are problems with the URL and Comodo has a problem here.

@moswak This report is not about a issue with updating the rule set, its only about content of the error message itself.
See Free Modsecurity rules - Comodo Web Application Firewall (not pinned threads) this is a issue with comodo, not plesk.
 
Last edited:
You must log in or register to reply here.

Similar threads

I
Issue Problem with Modsecurity 2.9. Error: Could not set variable "ip.brute_force_counter" and Could not set variable "ip.xmlrpc_counter" as the collection
Replies
1
Views
141
Peter Debik
P
T
Apache2 ModSec Error - Apache2 fails to start and AH00111 error
Replies
1
Views
1K
Peter Debik
P
finbarr69
Resolved /var/awp/etc/config: No such file or directory, Failed to update the ModSecurity rule set
Replies
5
Views
2K
8tango
8
B
Issue Web Application Firewall - Can't change to "Comodo (free)" [modsecurity_ctl: failed]?
Replies
3
Views
1K
IgorG
IgorG
O
Resolved Panel error: Read-only file system
Replies
5
Views
2K
OverWolf
O
Back
Top