ModSecurity changes user/password after every ruleset update

Created:

2016-12-12 03:43:47 UTC

Modified:

2017-08-08 13:15:04 UTC

0

Was this article helpful?


Have more questions?

Submit a request

ModSecurity changes user/password after every ruleset update

Symptoms

  • ModSecurity changes user/password after every ruleset update: a different password is written in /etc/asl/config:

    # /usr/local/psa/bin/sw-engine-pleskrun /usr/local/psa/admin/plib/DailyMaintainance/script.php -f UpdateModSecurityRuleSet
  • The following error may appear when trying to enable or update ruleset:

    Errors were encountered:

    L CODE SOURCE MESSAGE
    - ---- ----------------------------- ------------------------------------------
    3 303 Core::distributed_update Invalid user credentials

Cause

Password/user is cached in aum configuration.

Resolution

1. Connect to the server using SSH. 2. Remove aum package:

# rpm -e --nodeps aum

3. Rename /etc/asl and /var/asl directories:

# mv /etc/asl /etc/ask_backup
# mv /var/asl /var/asl_backup

4. Install aum pacakge:

# yum install aum

5. Run configuration:

# aum -c
Have more questions? Submit a request
Please sign in to leave a comment.