Resolved ModSecurity - Authorization failed attempting to download an update

[Bogdan1]

Hi,

I have a problem with ModSecurity.
I activated ModSecurity +- a week ago(didn't change anything).
Now I'm getting this error: Authorization failed attempting to download an update

I've checked config file and there is username and password generated by plesk
USERNAME="plesk_global_unpaid"
PASSWORD="somepassword"

I tried to login with this credentials here: Atomicorp
Error: Incorrect username or password

What should I do now?
Thanks

 

[Matthl]

Same error here today. I have used the "Atomic Basic ModSecurity basic" subscription for about a year now without problems.

I just controlled all fields in Web Application Firewall - Settings.
Chrome prefilled the Atomic ModSecurity (subscription) Username and Password. You see the fields when u click the corresponding radio button.
I emptied the fields, activated Atomic Basic ModSecurity basic again, clicked ok and the error is gone for now. Maybe until the next cron run.

Since it's gone for now and i don't know how to trigger the error i can't post the complete error message that was shown in the web application firewall menu. Maybe there is a log file somwhere...

 

[Brujo]

well had the same and what I did was in Plesk Panel > Tools Settings > Web Application Firewall (ModSecurity) > disabled it and applyed and then enabled and applyed that solved the issue for me and the error was gone.

 

[Matthl]

..then enabled and applyed that solved the issue for me and the error was gone.

Let's hope it's not only gone until the next cron run, which checks for an update.

 

[Brujo]

it also updatet succesfully the rules at the same time as I have seen....

 

[Matthl]

So here we are again after the daily cron run:
"Error: Failed to update the ModSecurity rule set. Details"
https://vps.tothestars.de:8443/admin/web-app-firewall/general

Expand/Collapse Block: Error Details

Error: Failed to update the ModSecurity rule set: modsecurity_ctl failed: gpg: key 4520AFA9: "Atomicorp (Atomicorp Official Signing Key) <[email protected]>" not changed
gpg: Total number processed: 1
gpg: unchanged: 1
gpg: assuming signed data in `/tmp/tmpfYSo_l/aum'
gpg: Signature made Wed Mar 14 19:24:49 2018 CET using RSA key ID 4520AFA9
gpg: Good signature from "Atomicorp (Atomicorp Official Signing Key) <[email protected]>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: 1818 66DF 9DAC A40E 9B08 5D0A 4520 AFA9
TERM environment variable not set.
converted 'https://www.atomicorp.com/RPM-GPG-KEY.atomicorp.txt' (ANSI_X3.4-1968) -> 'https://www.atomicorp.com/RPM-GPG-KEY.atomicorp.txt' (UTF-8)
--2018-03-18 06:32:32-- https://www.atomicorp.com/RPM-GPG-KEY.atomicorp.txt
Resolving www.atomicorp.com (www.atomicorp.com)... 74.208.77.16
Connecting to www.atomicorp.com (www.atomicorp.com)|74.208.77.16|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 1694 (1.7K) [text/plain]
Saving to: 'STDOUT'

0K . 100% 3.71M=0s

2018-03-18 06:32:32 (3.71 MB/s) - written to stdout [1694/1694]

aum failed with exitcode 3.
stdout:



Checking versions ...



Authorization failed attempting to download an update.
The username or password may be invalid, or your license may be expired.
Please log in to the License Manager at Atomicorp and verify your account.

Further information may be found at: https://www.atomicorp.com/wiki/index.php/ASL_FAQ#HTTP_Error_401:_Authorization_Required.

-------------------------------------------------------------------------------
Errors were encountered:

L CODE SOURCE MESSAGE
- ---- ----------------------------- ------------------------------------------
[1;31m3 303 Core::distributed_update Invalid user credentials
[0m ...


stderr:
Unable to download tortix rule set

 

[Brujo]

right it is back on my Servers too Centos 7 & Ubuntu with Onyx 17.5.3 Update #43

Expand/Collapse Block: Error message

Fehler: Der ModSecurity-Regelsatz konnte nicht aktualisiert werden: modsecurity_ctl failed: gpg: key 4520AFA9: "Atomicorp (Atomicorp Official Signing Key) <[email protected]>" not changed
gpg: Total number processed: 1
gpg: unchanged: 1
gpg: Signature made Wed Mar 14 19:24:49 2018 CET using RSA key ID 4520AFA9
gpg: Good signature from "Atomicorp (Atomicorp Official Signing Key) <[email protected]>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: 1818 66DF 9DAC A40E 5B42 9B08 FFBD 5D0A 4520 AFA9
TERM environment variable not set.
aum failed with exitcode 3.
stdout:



Checking versions ...

AUM version is current: package asl is not installed[75G[[1;31m[1;32mPASS[0m[0m]


Authorization failed attempting to download an update.
The username or password may be invalid, or your license may be expired.
Please log in to the License Manager at Atomicorp and verify your account.

Further information may be found at: https://www.atomicorp.com/wiki/index.php/ASL_FAQ#HTTP_Error_401:_Authorization_Required.

-------------------------------------------------------------------------------
Errors were encountered:

L CODE SOURCE MESSAGE
- ---- ----------------------------- ------------------------------------------
[1;31m3 303 Core::distributed_update Invalid user credentials
[0m178.254.32.26


stderr:
Unable to download tortix rule set

 

[Matthl]

another thread: Issue - Atomic Base security can not update itself

 

[Matthl]

Try to switch Web application firewall mode off an on again. It should work again. At least it does here.
There seems to have been a problem with the global user used for the updates.
Mark Muyskens solved it together with atomicorp here: Issue - Atomic Base security can not update itself