• The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.
  • We’re working on enhancing the Monitoring feature in Plesk, and we could really use your expertise! If you’re open to sharing your experiences with server and website monitoring or providing feedback, we’d love to have a one-hour online meeting with you.

Forwarded to devs Security2.conf config for package mod_security-2.9.2-1.el7.x86_64 is missing on upgrade

danami

danami

Silver Pleskian
TITLE:
Security2.conf config for package mod_security-2.9.2-1.el7.x86_64 is missing on upgrade
PRODUCT, VERSION, OPERATING SYSTEM, ARCHITECTURE:
Product version: Plesk Onyx 17.8.11 Update #6
Update date: 2018/04/23 08:40
Build date: 2018/04/13 07:57
OS version: CentOS 7.5.1804
Revision: c3fb546fb867ac424d65da14d8b023f11ec0d150
Architecture: 64-bit
Wrapper version: 1.2
PROBLEM DESCRIPTION:
When running yum update to mod_security-2.9.2-1.el7.x86_64 I see this:

Code: 
warning: /etc/httpd/conf.d/security2.conf saved as /etc/httpd/conf.d/security2.conf.rpmsave
The only problem when the new /etc/httpd/conf.d/security2.conf is not added it disables mod_security completely .​
STEPS TO REPRODUCE:
Run yum update​
ACTUAL RESULT:
yum update
Warning: /etc/httpd/conf.d/security2.conf saved as /etc/httpd/conf.d/security2.conf.rpmsave​
EXPECTED RESULT:
If a config file has changed the package should move the config to /etc/httpd/conf.d/security2.conf.rpmsave AND add the new config file /etc/httpd/conf.d/security2.conf​
ANY ADDITIONAL INFORMATION:
I'm seeing this on multiple servers.
YOUR EXPECTATIONS FROM PLESK SERVICE TEAM:
Confirm bug
 
From developer:

The customer tried to install mod_security package from OS vendor repository. But Plesk uses itself package with different package version:

mod_security-2.9.2-centos7.18050714.x86_64

The mentioned config does not exist in vendor's mod_security package. Rpm removed our package and saved old config as .rpmsave during the update procedure.
The bug will not be confirmed because I didn't see any reason do this.
 
You guys still really need to look at this. This happens on any yum update to Centos 7.5 because the Centos 7.5 modsecurity package is newer than the ones provided by Plesk... So any user who does a simple "yum update" to Centos 7.5 will be affected and their modsecurity will be disabled. I've also linked to the Centos 7.5 thread so that users will be aware of this.
 
Last edited:
Actually it looks like the Centos 7 mod_security package still loads the rules in the mod_security.conf file instead.
 
You must log in or register to reply here.

Similar threads

A
Resolved Unable to reinstall modsecurity after upgrade from Onyx to Obsidian
Replies
1
Views
590
Abernathy
A
danami
Forwarded to devs Missing suplimentry packages for Postfix on OS where they upgrade Postfix
Replies
4
Views
415
Sebahat.hadzhi
Sebahat.hadzhi
R
Resolved Repository for PHP 7.2 missing
Replies
5
Views
477
RPD
R
T
ISSUE - Nginx config generation failure and http2 directive implementation failure
Replies
14
Views
2K
Bitpalast
Bitpalast
J
Issue Update MariaDB 5.5 to 10.5 failed, system crash
Replies
1
Views
740
JuanCar
J
Back
Top