• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion

Resolved Modsecurity failed to retrieve Atomic basic set on Debian 9

Pascal_Netenvie

Pascal_Netenvie

Regular Pleskian
Hi,
On new server under Debian 9 and Plesk 17.8.11 i have this error when i try to enable Modsecurity with Atomic basic rules set :

Code: 
Failed to install the ModSecurity rule set: modsecurity_ctl failed: gpg: key FFBD5D0A4520AFA9: "Atomicorp (Atomicorp Official Signing Key) <[email protected]>" not changed gpg: Total number processed: 1 gpg: unchanged: 1 gpg: assuming signed data in '/tmp/tmp5aLLbG/aum' gpg: Signature made Mon Apr 23 22:27:52 2018 CEST gpg: using RSA key FFBD5D0A4520AFA9 gpg: Good signature from "Atomicorp (Atomicorp Official Signing Key) <[email protected]>" [unknown] gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Primary key fingerprint: 1818 66DF 9DAC A40E 5B42 9B08 FFBD 5D0A 4520 AFA9 TERM environment variable not set. --2018-05-11 18:22:11-- https://www.atomicorp.com/RPM-GPG-KEY.atomicorp.txt Resolving www.atomicorp.com (www.atomicorp.com)... 74.208.77.16 Connecting to www.atomicorp.com (www.atomicorp.com)|74.208.77.16|:443... Warning: apt-key output should not be parsed (stdout is not a terminal) connected. HTTP request sent, awaiting response... 200 OK Length: 1694 (1.7K) [text/plain] Saving to: 'STDOUT' 0K . 100% 46.0M=0s 2018-05-11 18:22:11 (46.0 MB/s) - written to stdout [1694/1694] W: The repository 'http://updates.atomicorp.com/channels/tortix-common/debian stretch Release' does not have a Release file. E: Failed to fetch http://updates.atomicorp.com/channels/tortix-common/debian/dists/stretch/main/binary-i386/Packages 404 Not Found [IP: 173.203.184.213 80] E: Some index files failed to download. They have been ignored, or old ones used instead. sed: can't read /etc/asl/config: No such file or directory Command '['sed', '-i', '-e', 's#^MODSEC_RULES_PATH\\s*=.*#MODSEC_RULES_PATH="/etc/apache2/modsecurity.d/rules/tortix/modsec"#g', '-e', 's#^RESTART_APACHE\\s*=.*#RESTART_APACHE="no"#g', '-e', 's#^AUTOMATIC_UPDATES\\s*=.*#AUTOMATIC_UPDATES="no"#g', '/etc/asl/config']' returned non-zero exit status 2 Unable to download tortix rule set

I tried to uninstall then re install modsecurity but it's the same.

If i switch to OWASP rules it run fine.
 
We are having the same issue on all systems since last night. I think it is one of the frequent occasions where there are temporary issues with the Atomic basic rule set updates. Normally these go away after a few days once Atomic has realized that there is an issue.
 
Yes now we have this on many servers :
Reason: 2018-05-14 06:25:41 INFO: pum is called with arguments: ['--list', '--repo-info', '--json']
2018-05-14 06:25:45 ERROR: E:The repository 'Atomicorp stretch Release' does not have a Release file.
2018-05-14 06:25:45 ERROR: Exited with returncode 1.
Click to expand...
 
I am sorry, but your quote was
"2018-05-14 06:25:45 ERROR: E:The repository 'Atomicorp stretch Release' does not have a Release file."
referring to the "stretch" release.

Here is a link to official Plesk support. Maybe it fits better in this case: Plesk Help Center
 
I can't submit demand to support center cause my licence is from a reseller ...
So if you have any news about this problem ...

I will try the fix .
 
I tried your fix for Debian 9 but, for Comodo rules credentials are needed, and if i try Atomic basic i have now this error :
Failed to install the ModSecurity rule set: modsecurity_ctl failed: gpg: key FFBD5D0A4520AFA9: "Atomicorp (Atomicorp Official Signing Key) <[email protected]>" not changed gpg: Total number processed: 1 gpg: unchanged: 1 gpg: assuming signed data in '/tmp/tmpwnYLRX/aum' gpg: Signature made Tue May 15 00:14:14 2018 CEST gpg: using RSA key FFBD5D0A4520AFA9 gpg: Good signature from "Atomicorp (Atomicorp Official Signing Key) <[email protected]>" [unknown] gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Primary key fingerprint: 1818 66DF 9DAC A40E 5B42 9B08 FFBD 5D0A 4520 AFA9 TERM environment variable not set. --2018-05-23 09:33:43-- https://www.atomicorp.com/RPM-GPG-KEY.atomicorp.txt Resolving www.atomicorp.com (www.atomicorp.com)... 74.208.77.16 Connecting to www.atomicorp.com (www.atomicorp.com)|74.208.77.16|:443... Warning: apt-key output should not be parsed (stdout is not a terminal) connected. HTTP request sent, awaiting response... 200 OK Length: 1694 (1.7K) [text/plain] Saving to: 'STDOUT' 0K . 100% 46.5M=0s 2018-05-23 09:33:44 (46.5 MB/s) - written to stdout [1694/1694] E: Unable to locate package aum sed: can't read /etc/asl/config: No such file or directory Command '['sed', '-i', '-e', 's#^MODSEC_RULES_PATH\\s*=.*#MODSEC_RULES_PATH="/etc/apache2/modsecurity.d/rules/tortix/modsec"#g', '-e', 's#^RESTART_APACHE\\s*=.*#RESTART_APACHE="no"#g', '-e', 's#^AUTOMATIC_UPDATES\\s*=.*#AUTOMATIC_UPDATES="no"#g', '/etc/asl/config']' returned non-zero exit status 2 Unable to download tortix rule set
Click to expand...
 
same problem here... Onyx 17.8.11 on Debian 9.5

Errore nell'installazione del set di regole di ModSecurity: modsecurity_ctl failed: gpg: key FFBD5D0A4520AFA9: "Atomicorp (Atomicorp Official Signing Key) <[email protected]>" not changed gpg: Total number processed: 1 gpg: unchanged: 1 gpg: assuming signed data in '/tmp/tmpzRxye_/aum' gpg: Signature made Mon Jul 23 18:43:44 2018 CEST gpg: using RSA key FFBD5D0A4520AFA9 gpg: Good signature from "Atomicorp (Atomicorp Official Signing Key) <[email protected]>" [unknown] gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Primary key fingerprint: 1818 66DF 9DAC A40E 5B42 9B08 FFBD 5D0A 4520 AFA9 TERM environment variable not set. --2018-09-25 12:39:17-- https://www.atomicorp.com/RPM-GPG-KEY.atomicorp.txt Resolving www.atomicorp.com (www.atomicorp.com)... Warning: apt-key output should not be parsed (stdout is not a terminal) 74.208.77.16 Connecting to www.atomicorp.com (www.atomicorp.com)|74.208.77.16|:443... connected. HTTP request sent, awaiting response... 200 OK Length: 1694 (1.7K) [text/plain] Saving to: 'STDOUT' 0K . 100% 67.8M=0s 2018-09-25 12:39:18 (67.8 MB/s) - written to stdout [1694/1694] W: The repository 'Atomicorp stretch Release' does not have a Release file. W: GPG error: Index of /kernelcare-debian/6 stable InRelease: The following signatures were invalid: E58FE9B3FE3B0470525159BD6DC3D600CDEF74BB W: The repository 'Index of /kernelcare-debian/6 stable InRelease' is not signed. E: Failed to fetch http://updates.atomicorp.com/channels/tortix-common/debian/dists/stretch/main/binary-amd64/Packages 404 Not Found [IP: 46.105.121.84 80] E: Some index files failed to download. They have been ignored, or old ones used instead. sed: can't read /etc/asl/config: No such file or directory Command '['sed', '-i', '-e', 's#^MODSEC_RULES_PATH\\s*=.*#MODSEC_RULES_PATH="/etc/apache2/modsecurity.d/rules/tortix/modsec"#g', '-e', 's#^RESTART_APACHE\\s*=.*#RESTART_APACHE="no"#g', '-e', 's#^AUTOMATIC_UPDATES\\s*=.*#AUTOMATIC_UPDATES="no"#g', '/etc/asl/config']' returned non-zero exit status 2 Unable to download tortix rule set
 
At the moment i'm using Comodo ModSecurity, it's free but you need to register an account on their website
 
You must log in or register to reply here.

Similar threads

finbarr69
Resolved /var/awp/etc/config: No such file or directory, Failed to update the ModSecurity rule set
Replies
5
Views
2K
8tango
8
M
Issue Failed to update ModSecurity ruleset: modsecurity_ctl failed: gpg: key 4520AFA9: "Atomicorp (Atomicorp Official Signing Key) <[email protected]>"
Replies
0
Views
774
muhammad.faraz
M
I
Resolved Plesk Email Security Amavis installation failed
Replies
2
Views
1K
imumutkilic
I
J
Issue Issue with Atomic Advanced (bought from Plesk)
Replies
0
Views
741
jl07
J
Azurel
Resolved Error: Failed to update the ModSecurity rule set: modsecurity_ctl failed
Replies
0
Views
1K
Azurel
Azurel
Back
Top