Question ModSecurity: Failed to access DBM file "/var/asl/data/msa/ip": Permission denied

[Richard18]

Plesk Onyx v17.8.11_build1708180301.19 os_Ubuntu 16.04

I've recently noticed the following in my modsec_audit.log:

Message: collection_store: Failed to access DBM file "/var/asl/data/msa/ip": Permission denied
Apache-Error: [file "apache2_util.c"] [line 273] [level 3] [client xxx.xxx.xxx.xxx] ModSecurity: collection_store: Failed to access DBM file "/var/asl/data/msa/ip": Permission denied [hostname "xxx"]

Is it something to worry about?

There is no /var/asl/data/msa/ip but there are two other ip files, /var/asl/data/msa/ip.dir and /var/asl/data/msa/ip.pag.

 

[IgorG]

The permissions are incorrect and it was detected by our development team as a bug ( PPPM-6202 ).
The following article makes the reference for this issue - ModSecurity: Failed to access DBM file "/var/asl/data/msa/
You can change the permissions following the steps below:

# chown www-data.www-data /var/asl/data/msa
# chown www-data.www-data /var/asl/data/audit
# chown www-data.www-data /var/asl/data/suspicious
# chmod o-rx -R /var/asl/data/*
# chmod ug+rwx -R /var/asl/data/*

We also have an article that describes this issue - Errors in /var/log/modsec_audit.log: incorrect ModSecurity permissions