Facebook
TwitterResolved ModSecurity don't work
- Thread starter blackdoor
- Start date
I tried that workaround but it doesnt work. Looks like the issue is presistent for a year now.
This is Plesk bug with ID #PPPM-6202 which will be fixed in future updates.
I fixed the issue by doing
1. Find the current config:
bashgrep -r "SecDataDir" /etc/modsecurity/ /etc/apache2/ /etc/httpd/ 2>/dev/null
2. Create a new directory:
bashmkdir -p /var/cache/modsecurity
chown www-data:www-data /var/cache/modsecurity
chmod 770 /var/cache/modsecurity
3. Update SecDataDir in your ModSecurity config to:
SecDataDir /var/cache/modsecurity
If someone else has this issue:
Also, this error is present with the atomicorp full modsecurity ruleset
Message: Exec: Execution failed while reading output: /usr/bin/asl-stream-client (End of file found)
Message: Rule processing failed (id=351000, msg=Atomicorp.com Upload Malware Scanner: Malicious File upload attempt detected and blocked).
The rule is activated by default but the ASL scanner is not part of the modsecurity ruleset. That specific rule can be disabled, so no logs show up.
1. Find the current config:
bashgrep -r "SecDataDir" /etc/modsecurity/ /etc/apache2/ /etc/httpd/ 2>/dev/null
2. Create a new directory:
bashmkdir -p /var/cache/modsecurity
chown www-data:www-data /var/cache/modsecurity
chmod 770 /var/cache/modsecurity
3. Update SecDataDir in your ModSecurity config to:
SecDataDir /var/cache/modsecurity
If someone else has this issue:
Also, this error is present with the atomicorp full modsecurity ruleset
Message: Exec: Execution failed while reading output: /usr/bin/asl-stream-client (End of file found)
Message: Rule processing failed (id=351000, msg=Atomicorp.com Upload Malware Scanner: Malicious File upload attempt detected and blocked).
The rule is activated by default but the ASL scanner is not part of the modsecurity ruleset. That specific rule can be disabled, so no logs show up.
