Applicable to:
- Plesk Onyx for Linux
Symptoms
- Plesk is running on Debian or Ubuntu.
- Atomic Basic ModSecurity ruleset is enabled at Tools & Settings > Web Application Firewall (ModSecurity)
- Error in
/var/log/modsec_audit.log:CONFIG_TEXT: --b8876e6d-H-- Message: collections_remove_stale: Failed to access DBM file "/var/asl/data/msa/global": Permission denied
Stopwatch: 1494012668966140
Stopwatch2: 1494012668966140 3289; combined=1756, p1=90, p2=1487, p3=20, p4=49, p5=62, sr=7, sw=0, l=0, gc=48
ModSecurity for Apache/2.9.0 (http://www.modsecurity.org/); 201705041602.
Server: Apache
Engine-Mode: "ENABLED"
Cause
This is Plesk bug with ID #PPPM-6202 which will be fixed in future updates.
Resolution
As a workaround, log in to Plesk server via SSH and change the permissions:
# chown www-data.www-data /var/asl/data/msa
# chown www-data.www-data /var/asl/data/audit
# chown www-data.www-data /var/asl/data/suspicious
# chmod o-rx -R /var/asl/data/*
# chmod ug+rwx -R /var/asl/data/*
If the issue persists, turn off the affected rule by the rule's ID in Plesk.
Comments
2 comments
After applying the workaround, is there any thing around this bug that would cause the permissions to revert back to what caused the error? In other words, until this bug (#PPPM-6202) is delivered, do I need to anticipate applying the workaround again?
Thank you!
Hi Tim,
The permissions and ownership on these folders and files can be changed only on update of 'aum' package. However, I cannot confirm 100% that it will be changed on update of this package. I suggest you verifying it on the next update of this package.
Please sign in to leave a comment.