Winnstorm
Basic Pleskian
Hello,
I'm facing an issue with modsecurity, actually one website is facing a false-positive for comodo waf rules:
[file "/etc/httpd/conf/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "38"] [id "214940"]
[file "/etc/httpd/conf/modsecurity.d/rules/comodo_free/15_Outgoing_FilterASP.conf"] [line "14"] [id "214450"]
I've switched off, disabled, almost anything related to WAF domain configuration and nothing happened. So I tried to swap the WAF from Comodo default to Atomic free, and then the same issue is happening on the log (after the change) but now the rules are not working and also I cannot revert back to comodo since when I change from the WAF config I receive the following error:
Failed to install the ModSecurity rule set: modsecurity_ctl failed: ERROR:root:Error Traceback (most recent call last): File "/usr/lib64/plesk-9.0/modsecurity_get_vendor_ruleset/modsecurity_get_vendor_ruleset.py", line 53, in main File "/usr/lib64/plesk-9.0/modsecurity_get_vendor_ruleset/modsecurity_get_vendor_ruleset.py", line 35, in get_vendor_ruleset File "/usr/lib64/plesk-9.0/modsecurity_get_vendor_ruleset/plesk_atomic.py", line 105, in download with closing(urllib2.urlopen(url, timeout=15)) as fin: File "/usr/lib64/python2.7/urllib2.py", line 154, in urlopen return opener.open(url, data, timeout) File "/usr/lib64/python2.7/urllib2.py", line 431, in open response = self._open(req, data) File "/usr/lib64/python2.7/urllib2.py", line 449, in _open '_open', req) File "/usr/lib64/python2.7/urllib2.py", line 409, in _call_chain result = func(*args) File "/usr/lib64/python2.7/urllib2.py", line 1258, in https_open context=self._context, check_hostname=self._check_hostname) File "/usr/lib64/python2.7/urllib2.py", line 1214, in do_open raise URLError(err) URLErrorWrapper: Error interacting with https://waf.comodo.com/doc/meta_comodo_apache.yaml: <urlopen error [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:618)> Unable to download comodo_free rule set
Any help will be appreciated
Thanks
best regards
I'm facing an issue with modsecurity, actually one website is facing a false-positive for comodo waf rules:
[file "/etc/httpd/conf/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "38"] [id "214940"]
[file "/etc/httpd/conf/modsecurity.d/rules/comodo_free/15_Outgoing_FilterASP.conf"] [line "14"] [id "214450"]
I've switched off, disabled, almost anything related to WAF domain configuration and nothing happened. So I tried to swap the WAF from Comodo default to Atomic free, and then the same issue is happening on the log (after the change) but now the rules are not working and also I cannot revert back to comodo since when I change from the WAF config I receive the following error:
Failed to install the ModSecurity rule set: modsecurity_ctl failed: ERROR:root:Error Traceback (most recent call last): File "/usr/lib64/plesk-9.0/modsecurity_get_vendor_ruleset/modsecurity_get_vendor_ruleset.py", line 53, in main File "/usr/lib64/plesk-9.0/modsecurity_get_vendor_ruleset/modsecurity_get_vendor_ruleset.py", line 35, in get_vendor_ruleset File "/usr/lib64/plesk-9.0/modsecurity_get_vendor_ruleset/plesk_atomic.py", line 105, in download with closing(urllib2.urlopen(url, timeout=15)) as fin: File "/usr/lib64/python2.7/urllib2.py", line 154, in urlopen return opener.open(url, data, timeout) File "/usr/lib64/python2.7/urllib2.py", line 431, in open response = self._open(req, data) File "/usr/lib64/python2.7/urllib2.py", line 449, in _open '_open', req) File "/usr/lib64/python2.7/urllib2.py", line 409, in _call_chain result = func(*args) File "/usr/lib64/python2.7/urllib2.py", line 1258, in https_open context=self._context, check_hostname=self._check_hostname) File "/usr/lib64/python2.7/urllib2.py", line 1214, in do_open raise URLError(err) URLErrorWrapper: Error interacting with https://waf.comodo.com/doc/meta_comodo_apache.yaml: <urlopen error [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:618)> Unable to download comodo_free rule set
Any help will be appreciated
Thanks
best regards