Skip to main content

ModSecurity Vendors Error

Comments

6 comments

  • cPanelMichael
    Hello, Could you let us know the output when manually running the "/scripts/modsec_vendor" command? Thank you.
    0
  • derek bullard
    Hi Michael, thanks for your answer. Here's the output when manually running the "/scripts/modsec_vendor" command
    # /scripts/modsec_vendor usage: /scripts/modsec_vendor ... list - Lists the currently-installed vendors add - Installs a new vendor remove - Removes the vendor with the specified vendor id update - If a vendor_id is provided, this command updates the vendor specified by that id from the same URL that was used to install it. - If a URL is provided, this command updates an existing vendor from the specified URL. The URL need not be the same as the one used to originally install the vendor. - If --auto is specified, updates all installed vendors for which auto-update is enabled using the URLs from which they were originally installed. enable - Enables a vendor disable - Disables a vendor enable-updates - Enables automatic updates for a vendor disable-updates - Disables automatic updates for a vendor enable-configs - Enables all configs for a vendor disable-configs - Disables all configs for a vendor
    Doing "/scripts/modsec_vendor list" command instead gives:
    # /scripts/modsec_vendor list [OWASP3] OWASP ModSecurity Core Rule Set V3.0 (not installed) cpanel_provided 1 description SpiderLabs OWASP V3 curated ModSecurity rule set installed 0 installed_from http://httpupdate.cpanel.net/modsecurity-rules/meta_OWASP3.yaml name OWASP ModSecurity Core Rule Set V3.0 vendor_id OWASP3 vendor_url https://go.cpanel.net/modsecurityowasp [comodo_litespeed] COMODO ModSecurity LiteSpeed Rule Set archive_url https://waf.comodo.com/api/cpanel_litespeed_vendor configs (34) cpanel_provided 0 description COMODO ModSecurity Rules for LiteSpeed dist_md5 d6709c7f775f0394055e717c92635580 dist_sha512 09f926a4edf151b8230c08f5c5847f55b945fb4b05c79e10c4a5328f4144b241575336e73956901f5737c026f6ae79c2eba895a3e55b9a12886398be84169851 enabled 1 in_use 34 inst_dist comodo-litespeed-1143 installed 1 installed_from https://waf.comodo.com/doc/meta_comodo_litespeed.yaml name COMODO ModSecurity LiteSpeed Rule Set path /etc/apache2/conf.d/modsec_vendor_configs/comodo_litespeed report_url https://waf.comodo.com/api/cpanel_feedback?source=1&rule_set=1.143 supported_versions (6) update 1 vendor_id comodo_litespeed vendor_url https://waf.comodo.com [configserver] ConfigServer archive_url https://download.configserver.com/waf/configserver.zip configs (1) cpanel_provided 0 description ConfigServer cXs ModSecurity rule dist_md5 3a917adcd7eafd35d975b15bfc889d49 dist_sha512 77f635a22c9d28109ebcb755a7cffc7696bd2a0c287cfa0b89bea9ce3d39ff6b2017f25eb3b198b55702cafb37a86b0776107db934455b133bfbce564747f235 enabled 1 in_use 1 inst_dist configserver installed 1 installed_from https://download.configserver.com/waf/meta_configserver.yaml name ConfigServer path /etc/apache2/conf.d/modsec_vendor_configs/configserver supported_versions (6) update 1 vendor_id configserver vendor_url http://configserver.com
    0
  • derek bullard
    when I try to update I get the following:
    [root@la1 ~]# /scripts/modsec_vendor update configserver info [modsec_vendor] Restored modsec_cpanel_conf_datastore backup warn [modsec_vendor] The system failed to update the vendor from the URL "https://download.configserver.com/waf/meta_configserver.yaml": (XID jhhjwg) The update for vendor "configserver" is unnecessary because you already have distribution "configserver" installed. [root@la1 ~]# /scripts/modsec_vendor update comodo_litespeed info [modsec_vendor] Restored modsec_cpanel_conf_datastore backup warn [modsec_vendor] The system failed to update the vendor from the URL "https://waf.comodo.com/doc/meta_comodo_litespeed.yaml": (XID xa2b6x) The update for vendor "comodo_litespeed" is unnecessary because you already have distribution "comodo-litespeed-1144" installed.
    for some reason we did'nt get that email again though so maybe it was a temporary issue
    0
  • cPanelMichael
    for some reason we did'nt get that email again though so maybe it was a temporary issue

    Hello, Can you verify the system was successfully updated to cPanel 68? Thank you.
    0
  • derek bullard
    yes the cPanel version is 68.0.9
    0
  • cPanelMichael
    Hello, I'm glad to see the next cPanel update succeeded. Note that I did attempt to reproduce the issue, but found that it was working properly. The "/usr/local/cpanel/scripts/modsec_vendor update --auto" command completed successfully during the upcp process and when ran manually:
    [2017-11-08 09:44:07 -0600] - Processing command `/usr/local/cpanel/scripts/modsec_vendor update --auto` [2017-11-08 09:44:09 -0600] - Finished command `/usr/local/cpanel/scripts/modsec_vendor update --auto` in 1.349 seconds

    # /usr/local/cpanel/scripts/modsec_vendor update --auto info [modsec_vendor] Updates are in progress for all of the installed ModSecurity vendors with automatic updates enabled. info [modsec_vendor] Restored modsec_cpanel_conf_datastore backup info [modsec_vendor] The vendor "configserver" is already up to date.
    Let us know if you notice this happening again in the future. Thank you.
    0

Please sign in to leave a comment.