Note: This article has the reference to the issues with the fixes available:
- #PPP-35935 "Installation of a license for Advanced ModSecurity Rules by Atomicorp no longer overwrites installed Atomic Secured
- Plesk Onyx 17.9 Preview 8 20 November 2018 (Linux)
- #PPPM-8240 "License of "Advanced modsecurity ... " extension overwrites /etc/asl/license.key from ASL (as PPP-35935)"
- Plesk update fails with the following message in
PLESK_INFO: https://plesk_1234567_1:email@example.com/channels/asl-4.0/centos/7/x86_64/repodata/repomd.xml: [Errno 14] HTTPS Error 401 - Unauthorized Trying other mirror. repo
Atomic Secure Linux extension is installed in Plesk.
Advanced ModSecurity Rules by Atomicorp (Security Pack) license is installed at Plesk > Tols & Settings > License Management > Additional License Keys
ASL config file at
/etc/asl/configwith authentication details to access Atomicorp repositories is regularly overwritten with wrong credentials.
This is Plesk bug with ID #PPPM-8240 which is planed to be fixed in one of the future product updates.
Login to the server via SSH and apply the following workaround:
- Download the patched key-handler.zip file from the attachments to the server and unzip it:
# wget https://plesk.zendesk.com/hc/article_attachments/360002982634/key-handler.zip
# unzip key-handler.zip
- Replace the original file with the new one at
# mv -i /usr/lib64/plesk-9.0/key-handler /usr/lib64/plesk-9.0/key-handler.orig
# cp key-handler /usr/lib64/plesk-9.0/key-handler
# chmod 750 /usr/lib64/plesk-9.0/key-handler
Note: revert the changes if it is planned to use Mod-security instead of ASL.