• We value your experience with Plesk during 2024
    Plesk strives to perform even better in 2025. To help us improve further, please answer a few questions about your experience with Plesk Obsidian 2024.
    Please take this short survey:

    https://pt-research.typeform.com/to/AmZvSXkx
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.
  • We’re working on enhancing the Monitoring feature in Plesk, and we could really use your expertise! If you’re open to sharing your experiences with server and website monitoring or providing feedback, we’d love to have a one-hour online meeting with you.

Forwarded to devs Error: Failed to update the ModSecurity rule set.

Azurel

Silver Pleskian
Username: Azurel

TITLE

Error: Failed to update the ModSecurity rule set.

PRODUCT, VERSION, OPERATING SYSTEM, ARCHITECTURE

CentOS Linux 8.3.2011
Plesk Obsidian Version 18.0.34 Update #1

PROBLEM DESCRIPTION

On home with Obsidian 18.0.34 Update #1 I get
Error: Failed to update the ModSecurity rule set.

Web Application Firewall shows
Error: Failed to update the ModSecurity rule set: modsecurity_ctl failed: ERROR:root:Error
Traceback (most recent call last):
File "/usr/lib64/plesk-9.0/modsecurity_get_vendor_ruleset/modsecurity_get_vendor_ruleset.py", line 53, in main
File "/usr/lib64/plesk-9.0/modsecurity_get_vendor_ruleset/modsecurity_get_vendor_ruleset.py", line 35, in get_vendor_ruleset
File "/usr/lib64/plesk-9.0/modsecurity_get_vendor_ruleset/plesk_atomic.py", line 84, in download
with closing(urllib2.urlopen(url, timeout=15)) as fin:
File "/usr/lib64/python2.7/urllib2.py", line 154, in urlopen
return opener.open(url, data, timeout)
File "/usr/lib64/python2.7/urllib2.py", line 429, in open
response = self._open(req, data)
File "/usr/lib64/python2.7/urllib2.py", line 447, in _open
'_open', req)
File "/usr/lib64/python2.7/urllib2.py", line 407, in _call_chain
result = func(*args)
File "/usr/lib64/python2.7/urllib2.py", line 1243, in https_open
context=self._context)
File "/usr/lib64/python2.7/urllib2.py", line 1200, in do_open
raise URLError(err)
URLErrorWrapper: Error interacting with https://waf.comodo.com/doc/meta_comodo_apache.yaml: <urlopen error [Errno 113] No route to host>
Unable to download comodo_free rule set

STEPS TO REPRODUCE

see description

ACTUAL RESULT

see description

EXPECTED RESULT

If this is not an error, but only a temporary timeout to load the rules, then it should be described as such and not show this kind of error message?
If it should, then feel free to just ignore my ticket. ;)

ANY ADDITIONAL INFORMATION

URL https://waf.comodo.com/doc/meta_comodo_apache.yaml response with ERR_CONNECTION_TIMED_OUT

YOUR EXPECTATIONS FROM PLESK SERVICE TEAM


Confirm bug
 
Last edited:
Please read this report carefully. That issue was a timeout, because the comodo website was temporary not available. The problem here is how the timeout error is communicated by plesk.
 
How could a software know if the inaccessibility of a source file that is stored elsewhere is temporary or perpetuous? How could the software know whether it is caused by an unavailability of an URI, an IP block of a firewall or a temporary outage of the source server?
 
Please compare it with a browser. If a website is not accessible, then the browser manufacturer does not show me any lines of programming code with errors, but simply says that the page is not accessible, with a short code like
URL Free ModSecurity Rules from Comodo: response with ERR_CONNECTION_TIMED_OUT
That's all it's about here. Instead of unnecessarily displaying this jumble of phyton code lines, it is sufficient to simply display that the query currently has a timeout. So this line (or like this) would be more as sufficient
Error interacting with Free ModSecurity Rules from Comodo: <urlopen error [Errno 113] No route to host>
Unable to download comodo_free rule set
Is included in error message above at last two lines.

However, as I noted, this is simply an improvement in display this message in plesk GUI. Currently, for some it certainly seems as if something is broken with Plesk. This is just a friendly hint. If you think that should be so complex, then that's fine with me.
 
In the last few days there have been various messages here in the forum that the update of the comodo ruleset has failed. we have also had this for a few days on different servers centos 7 and 8.
 
I have today this download error again and the message is already shortened
Error: Failed to update the ModSecurity rule set: modsecurity_ctl failed: Failed to download comodo_free rule set.
So this report is already fixed. ;)
However, the reason should have been specified here. Otherwise many stupid questions come up. Why not specify the URL of the problem? Then everyone could see for themselves that there are problems with the URL and Comodo has a problem here.

@moswak This report is not about a issue with updating the rule set, its only about content of the error message itself.
See Free Modsecurity rules - Comodo Web Application Firewall (not pinned threads) this is a issue with comodo, not plesk.
 
Last edited:
Back
Top