Skip to main content

SOLVED: The vendor metadata does not contain an entry for your version of ModSecurity, “2.9.10”

Levaro Sintex
  • Edited

As of the latest update regarding ModSecurity, the auto-update fails with:

The system failed to update the vendor from the URL “https://waf.comodo.com/doc/meta_comodo_apache.yaml”: The vendor metadata does not contain an entry for your version of ModSecurity, “2.9.10”. The only versions of ModSecurity this rule set supports are “2.7.5”, “2.7.7”, “2.8.0”, “2.9.0”, “2.9.1”, “2.9.2”, “2.9.3”, “2.9.4”, “2.9.5”, “2.9.6”, and “2.9.7”.

Complete error message:

/usr/local/cpanel/scripts/modsec_vendor update --auto
info [modsec_vendor] Updates are in progress for all of the installed ModSecurity vendors with automatic updates enabled.
Dependencies resolved.
Nothing to do.
Complete!
info [modsec_vendor] Restored modsec_cpanel_conf_datastore backup
info [modsec_vendor] The vendor “configserver” is already up to date.
warn [modsec_vendor] The system could not add the vendor: The vendor metadata does not contain an entry for your version of ModSecurity, “2.9.10”. The only versions of ModSecurity this rule set supports are “2.7.5”, “2.7.7”, “2.8.0”, “2.9.0”, “2.9.1”, “2.9.2”, “2.9.3”, “2.9.4”, “2.9.5”, “2.9.6”, and “2.9.7”.

 

 

 

Comments

4 comments

Date Votes
  • cPRex Jurassic Moderator

    Hey there!  This is just letting you know that Comodo hasn't published an updated ruleset for version 2.9.10, which is outside cPanel's control.  It's important to note that cPanel doesn't provide this ruleset as we only include the OWASP rules by default.

    You can just ignore this error, or you could disable that vendor, but there isn't going to be a "fix" for this issue from our side.

    1
  • Levaro Sintex

    Thank you for the quick response, by reporting I was hoping CPanel had contacts with Comodo to make them aware.

    For security reasons i'd rather not disable the auto-updates as re-enabling can be forgotten over time when, and when they suddenly decide to update the Yaml file miss-out on critical updates.

    Do you know where I can report this issue to make Comodo aware of this?

     

    0
  • cPRex Jurassic Moderator

    I would say that https://www.comodo.com/support.php is the best option to reach out to them, as that is the support link from https://modsecurity.comodo.com/

    1
  • Levaro Sintex

    Ok, thank you, i will send them an E-mail.

    Topic may be closed.

    0

Please sign in to leave a comment.

Didn't find what you were looking for?

New post