Skip to main content

[EA-8506] ModSecurity 2.9.3 results in Apache service failures

Comments

5 comments

  • SJR
    Michael, thank you for update. My server received the update to 2.9.3 but I am 'not' experiencing any problems. 1. Do you recommend I do the downgrade anyway? 2. Do you have eta on when this update will be fixed and re-published? Thank you!
    0
  • cPanelMichael
    Hello @SJR, Good question! I recommend downgrading the RPM on production servers even if you don't observe any issues (it's no longer supported and is removed from our EA4 YUM repo). We are definitely planning to patch the RPM and publish it again, but I don't have a firm ETA to provide at this time. I'll update the following thread with more information as soon as it's available: Thank you.
    0
  • SJR
    For some reason I am not able to downgrade: I run: rpm -qa|grep ea-apache24-mod_security2 I get: root [/]# rpm -qa|grep ea-apache24-mod_security2 ea-apache24-mod_security2-2.9.3-1.1.1.cpanel.x86_64 root [/]# _ I run: yum clean all I get: root [/]# yum clean all Loaded plugins: fastestmirror, universal-hooks Cleaning repos: EA4 cpanel-addons-production-feed cpanel-plugins base extras : mysql-connectors-community mysql-tools-community : mysql57-community updates Other repos take up 1.0 M of disk space (use --verbose for details) root [/]# _ I run: yum downgrade ea-apache24-mod_security2 I get: root [/]# yum downgrade ea-apache24-mod_security2 Loaded plugins: fastestmirror, universal-hooks Determining fastest mirrors * EA4: 208.43.108.66 * cpanel-addons-production-feed: 208.43.108.66 * cpanel-plugins: 208.43.108.66 Resolving Dependencies --> Running transaction check ---> Package ea-apache24-mod_security2.x86_64 0:2.9.2-11.11.7.cpanel will be a downgrade ---> Package ea-apache24-mod_security2.x86_64 0:2.9.3-1.1.1.cpanel will be erased --> Finished Dependency Resolution Dependencies Resolved ================================================================================ Package Arch Version Repository Size ================================================================================ Downgrading: ea-apache24-mod_security2 x86_64 2.9.2-11.11.7.cpanel EA4 253 k Transaction Summary ================================================================================ Downgrade 1 Package Total download size: 253 k And then the server seems to hang for a very long time... If I now run again: rpm -qa|grep ea-apache24-mod_security2 I still get: root [/]# rpm -qa|grep ea-apache24-mod_security2 ea-apache24-mod_security2-2.9.3-1.1.1.cpanel.x86_64 root [/]# _ If I run again: yum clean all I now get this message repeating over and over: Another app is currently holding the yum lock; waiting for it to exit... The other application is: yum Memory : 121 M RSS (491 MB VSZ) Started: Thu May 30 09:51:22 2019 - 08:15 ago State : Sleeping, pid: 22926 Any suggestions with this? Thank you!
    0
  • cPanelMichael
    Another app is currently holding the yum lock; waiting for it to exit...

    Hello @SJR, It looks like a YUM process is hanging on your server. You can identify the hanging process ID with the following command: ps auxfww | grep yum
    Use the "kill -9 $PID" command to kill any YUM processes that are hanging, and then run "yum clean all" again to see if that helps. Thank you.
    0
  • cPanelMichael
    Hello Everyone, Mod_Security version 2.9.3 was published as part of today's EasyApache 4 release: EA-8506: Fix update to Mod_Security 2.9.3: Update is segfaulting on some servers The full EasyApache 4 change log is available on the link below: EasyApache 4 Change Log 2019 - EasyApache 4 - cPanel Documentation Thank you.
    0

Please sign in to leave a comment.