• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion

Forwarded to devs Micro-Update 68 issue - WAF not activated after applying MU #68

T

trialotto

Golden Pleskian
Plesk Guru
TITLE:
Micro-Update 68 issue - WAF not activated after applying MU #68
PRODUCT, VERSION, OPERATING SYSTEM, ARCHITECTURE:
All of them, I suppose
PROBLEM DESCRIPTION:
WAF not activated after applying MU #68​
STEPS TO REPRODUCE:
Run the command : plesk sbin autoinstaller​
ACTUAL RESULT:
WAF is off, even though it was set to on before.​
EXPECTED RESULT:
It is to some extent expected behaviour : package libapache2-modsecurity is removed and replaced afterwards by package libapache2-modsecurity-plesk.

No problem there.

However, people will not be aware of the fact that the WAF is not active.

In my humble opinion, this is an urgent matter : servers are exposed, while the server owners or maintainers are expecting to have a working WAF.​
ANY ADDITIONAL INFORMATION:
YOUR EXPECTATIONS FROM PLESK SERVICE TEAM:
Confirm bug
 
Hi, trialotto!
Can you check the following commands:
Code: 
# plesk sbin modsecurity_ctl --status
Enabled
# apache2ctl -M | grep security2
 security2_module (shared)

We have known issue that modsecurity status is displayed incorrectly in Web UI (as "Off") but actually modsecurity is enabled and working.
I will ask about backporting fix for this issue in 17.8.11.
 
@Alxndr.V

Thanks for the reply - but there might be a problem : I have tested on 5 or 6 servers (read: live copies of production servers) with different settings and they are now configured properly. In short, I cannot do a valid test anymore - it is difficult to replicate after applying MU68.

I am pretty sure (99,99% sure) that (one the one hand) modsecurity was disabled on all servers and (on the other hand) some servers were demonstrating a conflict with modsecurity package, one conflict being related to the aum package (read: not a relevant issue, I deliberately tested with a different setup / config) and another conflict being related to failures to clean packages when removing config (read: I deliberately tested what happened if the plesk modsecurity package was uninstalled and reinstalled, with the endresult being that config files were left behind that prevented Apache to start - again, a not so relevant issue).

In brief, if I am not mistaken, modsecurity was disabled.

By the way, I noticed some issues with Imunify360 extension and / or I am aware of the known issue of "incorrect display" and / or it should be the case that Atomicorp ModSec rules are supported in Ubuntu 18.0.x (but there is not an option for that in the Plesk Panel) - can we discuss these things in a private conversation?

Kind regards..........
 
You must log in or register to reply here.

Similar threads

Bitpalast
Automatic upgrade vom 18.0.31 to 18.0.32 despite setting that only micro updates shall auto-install
Replies
6
Views
2K
moswak
M
Bitpalast
Forwarded to devs Recurring issues in all websites with ModSecurity ruleset
Replies
8
Views
3K
ahoi
A
T
Forwarded to devs Docker extension issue - docker daemon running continuously, even after uninstall
Replies
2
Views
1K
AYamshanov
AYamshanov
D
Firewall rules not applied after reboot
Replies
0
Views
747
Deagan
D
T
Forwarded to devs URGENT - Plesk-base package missing after update #52
Replies
5
Views
569
trialotto
T
Back
Top