• Introducing WebPros Cloud - a fully managed infrastructure platform purpose-built to simplify the deployment of WebPros products !  WebPros Cloud enables you to easily deliver WebPros solutions — without the complexity of managing the infrastructure.
    Join the pilot program today!
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.

Forwarded to devs Security2.conf config for package mod_security-2.9.2-1.el7.x86_64 is missing on upgrade

danami

danami

Silver Pleskian
TITLE:
Security2.conf config for package mod_security-2.9.2-1.el7.x86_64 is missing on upgrade
PRODUCT, VERSION, OPERATING SYSTEM, ARCHITECTURE:
Product version: Plesk Onyx 17.8.11 Update #6
Update date: 2018/04/23 08:40
Build date: 2018/04/13 07:57
OS version: CentOS 7.5.1804
Revision: c3fb546fb867ac424d65da14d8b023f11ec0d150
Architecture: 64-bit
Wrapper version: 1.2
PROBLEM DESCRIPTION:
When running yum update to mod_security-2.9.2-1.el7.x86_64 I see this:

Code: 
warning: /etc/httpd/conf.d/security2.conf saved as /etc/httpd/conf.d/security2.conf.rpmsave
The only problem when the new /etc/httpd/conf.d/security2.conf is not added it disables mod_security completely .​
STEPS TO REPRODUCE:
Run yum update​
ACTUAL RESULT:
yum update
Warning: /etc/httpd/conf.d/security2.conf saved as /etc/httpd/conf.d/security2.conf.rpmsave​
EXPECTED RESULT:
If a config file has changed the package should move the config to /etc/httpd/conf.d/security2.conf.rpmsave AND add the new config file /etc/httpd/conf.d/security2.conf​
ANY ADDITIONAL INFORMATION:
I'm seeing this on multiple servers.
YOUR EXPECTATIONS FROM PLESK SERVICE TEAM:
Confirm bug
 
From developer:

The customer tried to install mod_security package from OS vendor repository. But Plesk uses itself package with different package version:

mod_security-2.9.2-centos7.18050714.x86_64

The mentioned config does not exist in vendor's mod_security package. Rpm removed our package and saved old config as .rpmsave during the update procedure.
The bug will not be confirmed because I didn't see any reason do this.
 
You guys still really need to look at this. This happens on any yum update to Centos 7.5 because the Centos 7.5 modsecurity package is newer than the ones provided by Plesk... So any user who does a simple "yum update" to Centos 7.5 will be affected and their modsecurity will be disabled. I've also linked to the Centos 7.5 thread so that users will be aware of this.
 
Last edited:
Actually it looks like the Centos 7 mod_security package still loads the rules in the mod_security.conf file instead.
 
You must log in or register to reply here.

Similar threads

A
Resolved Unable to reinstall modsecurity after upgrade from Onyx to Obsidian
Replies
1
Views
955
Abernathy
A
danami
Resolved Plesk Postfix RPM overrites /etc/postfix/header_checks with every Postfix package update
Replies
7
Views
2K
danami
danami
danami
Forwarded to devs Missing suplimentry packages for Postfix on OS where they upgrade Postfix
Replies
4
Views
896
Sebahat.hadzhi
Sebahat.hadzhi
R
Resolved Repository for PHP 7.2 missing
Replies
5
Views
1K
RPD
R
T
ISSUE - Nginx config generation failure and http2 directive implementation failure
Replies
14
Views
4K
Bitpalast
Bitpalast
Back
Top