Skip to main content

Error in ModSecurity transfer

Comments

8 comments

  • cPRex Jurassic Moderator
    Hey hey! I want to say "yes" and that your logic is correct, but I'm not finding much for this error on my end. For confirmation, it might be a good idea to submit a ticket to our team so we can do some additional testing with that Source server.
    0
  • PeteS
    Hey hey! I want to say "yes" and that your logic is correct, but I'm not finding much for this error on my end. For confirmation, it might be a good idea to submit a ticket to our team so we can do some additional testing with that Source server.

    Ticket: 94434733 Can this be looked at asap? This source server is needing to be migrated asap, and I am holding off on and changes to it, or transfer from it, until this resolves. Thanks.
    0
  • cPRex Jurassic Moderator
    Following on my end now. I'm pretty cool, but I'm not "skip the queue" cool. Even if I was, I wouldn't say it on the Forums because people would quickly realize they could poke me here and give their ticket priorioty. The queue doesn't look too terrible on my end, so I'm guesstimating you'll hear something official within a few hours.
    0
  • PeteS
    No, no, I didn't mean "skip the queue." :) It's been almost a year since I opened a ticket, and somewhere along the line the queue position update went away, so I have no way of even guessing. But since you brought up prioritizing... Are licenses not directly purchased from cPanel still given second priority? I have licensing both ways at current, and I have considered changing them all to direct for this reason. It's only a little more expensive, so that's not the issue, but it is more convenient for me going non-direct because the provided adjusts the licenses up/down automatically based on accounts, and I can also spin up a cPanel server in one click - stupid easy. So this is something I've been pondering about which way to go with...
    0
  • cPRex Jurassic Moderator
    Licenses purchased directly from cPanel do include priority support!
    0
  • PeteS
    Update: I was incorrect about the REQUEST-931-APPLICATION-ATTACK-RFI not being on the source server, it is there. (Search error on my part.) When I compare a search for that rule on the source and destinations I see the destination I retied matches the source, but the destination I didn't retry has no rules at all. So the failure is legit, but the why of it, and whether a retry with success as described above resolves it completely is awaiting the ticket response. (Tech is looking in to both source and destination servers now.) I'll post back when the ticket is resolved.
    0
  • PeteS
    Long story short, the retry did in fact successfully and correctly transfer the modSec setup (including having that rule inactive) and resolve the issue. Longer story: For some reason the rule in question was off on the source server's vendor settings but marked on in ModSec Tools. This conflict caused the initial error... no idea why/how it got that way. One gotcha - rebuilding the datastore (
    0
  • cPRex Jurassic Moderator
    Thanks for posting that follow-up!
    0

Please sign in to leave a comment.