• Our team is looking to connect with folks who use email services provided by Plesk, or a premium service. If you'd like to be part of the discovery process and share your experiences, we invite you to complete this short screening survey. If your responses match the persona we are looking for, you'll receive a link to schedule a call at your convenience. We look forward to hearing from you!
  • We are looking for U.S.-based freelancer or agency working with SEO or WordPress for a quick 30-min interviews to gather feedback on XOVI, a successful German SEO tool we’re looking to launch in the U.S.
    If you qualify and participate, you’ll receive a $30 Amazon gift card as a thank-you. Please apply here. Thanks for helping shape a better SEO product for agencies!
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

Forwarded to devs Error: Failed to update the ModSecurity rule set.

Azurel

Azurel

Silver Pleskian
Username: Azurel

TITLE

Error: Failed to update the ModSecurity rule set.

PRODUCT, VERSION, OPERATING SYSTEM, ARCHITECTURE

CentOS Linux 8.3.2011
Plesk Obsidian Version 18.0.34 Update #1

PROBLEM DESCRIPTION

On home with Obsidian 18.0.34 Update #1 I get
Error: Failed to update the ModSecurity rule set.
Click to expand...

Web Application Firewall shows
Error: Failed to update the ModSecurity rule set: modsecurity_ctl failed: ERROR:root:Error
Traceback (most recent call last):
File "/usr/lib64/plesk-9.0/modsecurity_get_vendor_ruleset/modsecurity_get_vendor_ruleset.py", line 53, in main
File "/usr/lib64/plesk-9.0/modsecurity_get_vendor_ruleset/modsecurity_get_vendor_ruleset.py", line 35, in get_vendor_ruleset
File "/usr/lib64/plesk-9.0/modsecurity_get_vendor_ruleset/plesk_atomic.py", line 84, in download
with closing(urllib2.urlopen(url, timeout=15)) as fin:
File "/usr/lib64/python2.7/urllib2.py", line 154, in urlopen
return opener.open(url, data, timeout)
File "/usr/lib64/python2.7/urllib2.py", line 429, in open
response = self._open(req, data)
File "/usr/lib64/python2.7/urllib2.py", line 447, in _open
'_open', req)
File "/usr/lib64/python2.7/urllib2.py", line 407, in _call_chain
result = func(*args)
File "/usr/lib64/python2.7/urllib2.py", line 1243, in https_open
context=self._context)
File "/usr/lib64/python2.7/urllib2.py", line 1200, in do_open
raise URLError(err)
URLErrorWrapper: Error interacting with https://waf.comodo.com/doc/meta_comodo_apache.yaml: <urlopen error [Errno 113] No route to host>
Unable to download comodo_free rule set
Click to expand...

STEPS TO REPRODUCE

see description

ACTUAL RESULT

see description

EXPECTED RESULT

If this is not an error, but only a temporary timeout to load the rules, then it should be described as such and not show this kind of error message?
If it should, then feel free to just ignore my ticket. ;)

ANY ADDITIONAL INFORMATION

URL https://waf.comodo.com/doc/meta_comodo_apache.yaml response with ERR_CONNECTION_TIMED_OUT

YOUR EXPECTATIONS FROM PLESK SERVICE TEAM

Confirm bug
 
Last edited:
Please read this report carefully. That issue was a timeout, because the comodo website was temporary not available. The problem here is how the timeout error is communicated by plesk.
 
How could a software know if the inaccessibility of a source file that is stored elsewhere is temporary or perpetuous? How could the software know whether it is caused by an unavailability of an URI, an IP block of a firewall or a temporary outage of the source server?
 
Please compare it with a browser. If a website is not accessible, then the browser manufacturer does not show me any lines of programming code with errors, but simply says that the page is not accessible, with a short code like
URL Free ModSecurity Rules from Comodo: response with ERR_CONNECTION_TIMED_OUT
Click to expand...
That's all it's about here. Instead of unnecessarily displaying this jumble of phyton code lines, it is sufficient to simply display that the query currently has a timeout. So this line (or like this) would be more as sufficient
Error interacting with Free ModSecurity Rules from Comodo: <urlopen error [Errno 113] No route to host>
Unable to download comodo_free rule set
Click to expand...
Is included in error message above at last two lines.

However, as I noted, this is simply an improvement in display this message in plesk GUI. Currently, for some it certainly seems as if something is broken with Plesk. This is just a friendly hint. If you think that should be so complex, then that's fine with me.
 
In the last few days there have been various messages here in the forum that the update of the comodo ruleset has failed. we have also had this for a few days on different servers centos 7 and 8.
 
I have today this download error again and the message is already shortened
Error: Failed to update the ModSecurity rule set: modsecurity_ctl failed: Failed to download comodo_free rule set.
Click to expand...
So this report is already fixed. ;)
However, the reason should have been specified here. Otherwise many stupid questions come up. Why not specify the URL of the problem? Then everyone could see for themselves that there are problems with the URL and Comodo has a problem here.

@moswak This report is not about a issue with updating the rule set, its only about content of the error message itself.
See Free Modsecurity rules - Comodo Web Application Firewall (not pinned threads) this is a issue with comodo, not plesk.
 
Last edited:
You must log in or register to reply here.

Similar threads

P
Issue Server update fail
Replies
1
Views
1K
Sebahat.hadzhi
Sebahat.hadzhi
Polli
Nameserver DNS entrys for subdomains are set wrong when plesk is primary DNS
Replies
2
Views
794
Sebahat.hadzhi
Sebahat.hadzhi
enerspace
Internal backup over CIFS / SSHFS mount
Replies
12
Views
2K
Sebahat.hadzhi
Sebahat.hadzhi
ic3_2k
Issue Problem with Modsecurity 2.9. Error: Could not set variable "ip.brute_force_counter" and Could not set variable "ip.xmlrpc_counter" as the collection
Replies
1
Views
898
Peter Debik
P
Bitpalast
Forwarded to devs Update to 18.0.63 #4 removed /etc/fail2ban/jail.local, crashed Fail2Ban
Replies
3
Views
1K
Sebahat.hadzhi
Sebahat.hadzhi
Back
Top