Unable to activate or update the Comodo rule-set in Plesk ModSecurity: Error interacting with https://waf.comodo.com/doc/meta_comodo_apache.yaml: <urlopen error [Errno 113] No route to host>

Follow

Comments

11 comments

  • Avatar
    R8 Edge

    Same thing here - but while updating that is.

    0
    Comment actions Permalink
  • Avatar
    Blamotech

    Will this auto correct when the site is back up?

    Just asking just in case...

    0
    Comment actions Permalink
  • Avatar
    Michael

    Blamotech I guess, we don't have to worry. Let's just wait till tmrw and hope the best!

    0
    Comment actions Permalink
  • Avatar
    Admin

    I emailed Comodo about the issue earlier today - no reply... but hopefully they sort it out.

    Comodo should realise that a LOT of people use these rules and a LOT of servers are sitting vulnerable because of this.

     

    0
    Comment actions Permalink
  • Avatar
    tiendadesilvina

    Mismo error, imposible activar

    0
    Comment actions Permalink
  • Avatar
    Magnus Schmitz

    Same Error.

     

    Changing the update interval from weekly to monthly resolved it in the first place....

     

    I even tried to change to Atomic but there is an error as well...

    0
    Comment actions Permalink
  • Avatar
    Admin

    Finally there is a file at the destination URL on the Comodo server BUT my Plesk is still not happy about it.

    So I fixed it by copying the text in 'custom directives' and 'security rule IDs' to notepad.

    Then changing the rule set to Atomic Standard (free) - it took a good minute or two to save that.

    And then finally going back to Comodo (free) and pasting back the settings I saved earlier.

    I could have possibly waited until it self updated but it didn't work when I tried changing the daily to weekly updates and back again or anything else for that matter.

    -----------------------------------------------------------------------------------

    *** Below is a copy of the original error for future reference ***

    Error: Failed to update the ModSecurity rule set: modsecurity_ctl failed: <urlopen error timed out>. Retry<urlopen error timed out>. RetryERROR:root:Error
    Traceback (most recent call last):
    File "/usr/lib64/plesk-9.0/modsecurity_get_vendor_ruleset/modsecurity_get_vendor_ruleset.py", line 53, in main
    File "/usr/lib64/plesk-9.0/modsecurity_get_vendor_ruleset/modsecurity_get_vendor_ruleset.py", line 35, in get_vendor_ruleset
    File "/usr/lib64/plesk-9.0/modsecurity_get_vendor_ruleset/plesk_atomic.py", line 105, in download
    with closing(urllib2.urlopen(url, timeout=15)) as fin:
    File "/usr/lib64/python2.7/urllib2.py", line 154, in urlopen
    return opener.open(url, data, timeout)
    File "/usr/lib64/python2.7/urllib2.py", line 431, in open
    response = self._open(req, data)
    File "/usr/lib64/python2.7/urllib2.py", line 449, in _open
    '_open', req)
    File "/usr/lib64/python2.7/urllib2.py", line 409, in _call_chain
    result = func(*args)
    File "/usr/lib64/python2.7/urllib2.py", line 1258, in https_open
    context=self._context, check_hostname=self._check_hostname)
    File "/usr/lib64/python2.7/urllib2.py", line 1214, in do_open
    raise URLError(err)
    URLErrorWrapper: Error interacting with https://waf.comodo.com/doc/meta_comodo_apache.yaml: <urlopen error timed out>
    Unable to download comodo_free rule set

    ---------------------------------------------------

    ***Below is from the Comodo Server : https://waf.comodo.com/doc/meta_comodo_apache.yaml ***

    ---
    2.7.5:
      MD5: baf05d38fceb2c0c099bc69a7b76570c
      SHA512: bbe06db127527aefcda3f681bc1f729c56502f72be847e72239bf9969a653d238a147b68ed1af6713e10526c00dd9aef4b9b7baaf2a14492dc083b2610ae4abb
      distribution: comodo-apache-1233
      url: https://waf.comodo.com/api/cpanel_apache_vendor
    2.7.7:
      MD5: baf05d38fceb2c0c099bc69a7b76570c
      SHA512: bbe06db127527aefcda3f681bc1f729c56502f72be847e72239bf9969a653d238a147b68ed1af6713e10526c00dd9aef4b9b7baaf2a14492dc083b2610ae4abb
      distribution: comodo-apache-1233
      url: https://waf.comodo.com/api/cpanel_apache_vendor
    2.8.0:
      MD5: baf05d38fceb2c0c099bc69a7b76570c
      SHA512: bbe06db127527aefcda3f681bc1f729c56502f72be847e72239bf9969a653d238a147b68ed1af6713e10526c00dd9aef4b9b7baaf2a14492dc083b2610ae4abb
      distribution: comodo-apache-1233
      url: https://waf.comodo.com/api/cpanel_apache_vendor
    2.9.0:
      MD5: baf05d38fceb2c0c099bc69a7b76570c
      SHA512: bbe06db127527aefcda3f681bc1f729c56502f72be847e72239bf9969a653d238a147b68ed1af6713e10526c00dd9aef4b9b7baaf2a14492dc083b2610ae4abb
      distribution: comodo-apache-1233
      url: https://waf.comodo.com/api/cpanel_apache_vendor
    2.9.1:
      MD5: baf05d38fceb2c0c099bc69a7b76570c
      SHA512: bbe06db127527aefcda3f681bc1f729c56502f72be847e72239bf9969a653d238a147b68ed1af6713e10526c00dd9aef4b9b7baaf2a14492dc083b2610ae4abb
      distribution: comodo-apache-1233
      url: https://waf.comodo.com/api/cpanel_apache_vendor
    2.9.2:
      MD5: baf05d38fceb2c0c099bc69a7b76570c
      SHA512: bbe06db127527aefcda3f681bc1f729c56502f72be847e72239bf9969a653d238a147b68ed1af6713e10526c00dd9aef4b9b7baaf2a14492dc083b2610ae4abb
      distribution: comodo-apache-1233
      url: https://waf.comodo.com/api/cpanel_apache_vendor
    2.9.3:
      MD5: baf05d38fceb2c0c099bc69a7b76570c
      SHA512: bbe06db127527aefcda3f681bc1f729c56502f72be847e72239bf9969a653d238a147b68ed1af6713e10526c00dd9aef4b9b7baaf2a14492dc083b2610ae4abb
      distribution: comodo-apache-1233
      url: https://waf.comodo.com/api/cpanel_apache_vendor
    attributes:
      description: COMODO ModSecurity Rules for Apache
      name: COMODO ModSecurity Apache Rule Set
      vendor_url: https://waf.comodo.com
      report_url: https://waf.comodo.com/api/cpanel_feedback?source=0&rule_set=1.233
    1
    Comment actions Permalink
  • Avatar
    Francois Francois

    Doing it right now again.
    https://waf.comodo.com/doc/meta_comodo_apache.yaml is dead

    0
    Comment actions Permalink
  • Avatar
    Admin

    I gave up on the comodo rules and changed to Imunify360 -  https://www.plesk.com/extensions/imunify360/

    Imunify360 is brilliant and I can't recommend it enough as it also includes a host of other features.

    I also tried Juggernaut Firewall and it was terrible, it broke my server and the support was so unhelpful and rude.

     

    0
    Comment actions Permalink
  • Avatar
    Francois Francois

    Imunify is not free :(

    0
    Comment actions Permalink
  • Avatar
    Admin

    Yeah that is unfortunate but still really worth while. Also its based on how many users on your control panel rather than websites. So if you are the sole manager of all the websites, its one license.

     

    0
    Comment actions Permalink

Please sign in to leave a comment.

Have more questions? Submit a request