Plesk 12 and ModSecurity
Posted: Fri Jul 04, 2014 11:32 am
Hi,
We have turned on ModSecurity on Plesk 12, and set Atomic Basic ModSecurity rule set to update daily. However, we encountered this error...
Error: Failed to update the ModSecurity rule set: modsecurity_ctl failed: gpg: key 4520AFA9: "Atomicorp (Atomicorp Official Signing Key) <support@atomicorp.com>" not changed gpg: Total number processed: 1 gpg: unchanged: 1 gpg: Signature made Thu Jun 26 00:41:22 2014 SGT using RSA key ID 4520AFA9 gpg: Good signature from "Atomicorp (Atomicorp Official Signing Key) <support@atomicorp.com>" gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Primary key fingerprint: 1818 66DF 9DAC A40E 5B42 9B08 FFBD 5D0A 4520 AFA9 TERM environment variable not set. http://mirrors.neusoft.edu.cn//tortix-c ... repomd.xml: [Errno 14] PYCURL ERROR 22 - "The requested URL returned error: 404 Not Found" Trying other mirror. aum failed with exitcode 3. stdout: Checking versions ... ASL version is current: [60G[[1;31m[1;32mPASS[0m[0m] Updating MODSEC to 201407031142: updated[60G[[1;31m[1;32mPASS[0m[0m] ------------------------------------------------------------------------------- Errors were encountered: L CODE SOURCE MESSAGE - ---- ----------------------------- ------------------------------------------ [0;33m2 9901 ASLCommon::cmd_system ERROR: '/usr/sbin/apachectl -t >/dev/null 2>&1 (1)' [0m[0;33m2 9901 ASLCommon::cmd_exec ERROR: '(1) /usr/sbin/apachectl -t 2>&1 -- Syntax error on line 227 of /etc/httpd/co nf.d/modsecurity.conf:||Invalid command 'S ecStatusEngine', perhaps misspelled or def ined by a module not included in the serve r configuration' [0m[0;33m2 601 c_modsec::apply_rules There is a problem with the apache config: Syntax error on line 227 of /etc/httpd/co nf.d/modsecurity.conf:; Invalid command 'S ecStatusEngine', perhaps misspelled or def ined by a module not included in the serve r configuration [0m[0;33m2 601 c_modsec::apply_rules There is a problem with the apache config: Rolling back to the previous update [0m[0;33m2 9901 ASLCommon::cmd_system ERROR: '/bin/cp -af /var/asl/tmp/waf_rules /* /tmp/tmph6JZUe/modsec>/dev/null 2>&1 (1 )' [0m[1;31m3 600 c_modsec::apply_rules Errors occurred with Apache [0m stderr: Unable to download tortix rule set
Which seems to suggest the atomic repository signing key is incorrect.
Appreciate if you can kindly advise.
Thanks & regards
John Low
We have turned on ModSecurity on Plesk 12, and set Atomic Basic ModSecurity rule set to update daily. However, we encountered this error...
Error: Failed to update the ModSecurity rule set: modsecurity_ctl failed: gpg: key 4520AFA9: "Atomicorp (Atomicorp Official Signing Key) <support@atomicorp.com>" not changed gpg: Total number processed: 1 gpg: unchanged: 1 gpg: Signature made Thu Jun 26 00:41:22 2014 SGT using RSA key ID 4520AFA9 gpg: Good signature from "Atomicorp (Atomicorp Official Signing Key) <support@atomicorp.com>" gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Primary key fingerprint: 1818 66DF 9DAC A40E 5B42 9B08 FFBD 5D0A 4520 AFA9 TERM environment variable not set. http://mirrors.neusoft.edu.cn//tortix-c ... repomd.xml: [Errno 14] PYCURL ERROR 22 - "The requested URL returned error: 404 Not Found" Trying other mirror. aum failed with exitcode 3. stdout: Checking versions ... ASL version is current: [60G[[1;31m[1;32mPASS[0m[0m] Updating MODSEC to 201407031142: updated[60G[[1;31m[1;32mPASS[0m[0m] ------------------------------------------------------------------------------- Errors were encountered: L CODE SOURCE MESSAGE - ---- ----------------------------- ------------------------------------------ [0;33m2 9901 ASLCommon::cmd_system ERROR: '/usr/sbin/apachectl -t >/dev/null 2>&1 (1)' [0m[0;33m2 9901 ASLCommon::cmd_exec ERROR: '(1) /usr/sbin/apachectl -t 2>&1 -- Syntax error on line 227 of /etc/httpd/co nf.d/modsecurity.conf:||Invalid command 'S ecStatusEngine', perhaps misspelled or def ined by a module not included in the serve r configuration' [0m[0;33m2 601 c_modsec::apply_rules There is a problem with the apache config: Syntax error on line 227 of /etc/httpd/co nf.d/modsecurity.conf:; Invalid command 'S ecStatusEngine', perhaps misspelled or def ined by a module not included in the serve r configuration [0m[0;33m2 601 c_modsec::apply_rules There is a problem with the apache config: Rolling back to the previous update [0m[0;33m2 9901 ASLCommon::cmd_system ERROR: '/bin/cp -af /var/asl/tmp/waf_rules /* /tmp/tmph6JZUe/modsec>/dev/null 2>&1 (1 )' [0m[1;31m3 600 c_modsec::apply_rules Errors occurred with Apache [0m stderr: Unable to download tortix rule set
Which seems to suggest the atomic repository signing key is incorrect.
Appreciate if you can kindly advise.
Thanks & regards
John Low