modsec_vendor update causing upcp failure

[IdleServ]

Hi

With the release of 92 I switched to ea-modsec2-rules-owasp-crs for ModSecurity.

Since then the upcp script has been generating an error:

[2020-12-10 10:11:21 +0000]    - Processing command `/usr/local/cpanel/scripts/modsec_vendor update --auto`
[2020-12-10 10:11:39 +0000]      [/usr/local/cpanel/scripts/modsec_vendor] The system failed to update the vendor from the URL “N/A, it is done via RPM”: The provided URL does not point to a valid vendor specification YAML file.
[2020-12-10 10:11:39 +0000] E    [/usr/local/cpanel/scripts/modsec_vendor] The “/usr/local/cpanel/scripts/modsec_vendor update --auto” command (process 11273) reported error number 1 when it ended.
[2020-12-10 10:11:39 +0000]   The Administrator will be notified to review this output when this script completes
[2020-12-10 10:11:39 +0000]    - Finished command `/usr/local/cpanel/scripts/modsec_vendor update --auto` in 18.155 seconds

Manual run:

[[email protected] ~]# /usr/local/cpanel/scripts/modsec_vendor update --auto
info [modsec_vendor] Updates are in progress for all of the installed ModSecurity vendors with automatic updates enabled.
info [modsec_vendor] Restored modsec_cpanel_conf_datastore backup
info [modsec_vendor] The vendor “configserver” is already up to date.
The system failed to update the vendor from the URL “N/A, it is done via RPM”: The provided URL does not point to a valid vendor specification YAML file.
warn [modsec_vendor] The system failed to update the vendor from the URL “N/A, it is done via RPM”: The provided URL does not point to a valid vendor specification YAML file.

Is there a config entry somewhere I need to clean up?

I tried yum reinstall ea-modsec2-rules-owasp-crs but no change.

Thanks!

 

[cPRex]

Hey there! I wasn't able to reproduce this issue on a v92 server when I tried just now. Can you try the following to see if that gets things working?

yum clean all
yum makecache
/usr/local/cpanel/scripts/modsec_vendor update --auto

 

[IdleServ]

Thanks but still same error. I tried the reinstall again too.

info [modsec_vendor] Updates are in progress for all of the installed ModSecurity vendors with automatic updates enabled.
info [modsec_vendor] Restored modsec_cpanel_conf_datastore backup
info [modsec_vendor] The vendor “configserver” is already up to date.
The system failed to update the vendor from the URL “N/A, it is done via RPM”: The provided URL does not point to a valid vendor specification YAML file.
warn [modsec_vendor] The system failed to update the vendor from the URL “N/A, it is done via RPM”: The provided URL does not point to a valid vendor specification YAML file.

I've got 2 other servers with the same setup but they are fine.

 

[cPRex]

It may be best to put in a ticket for this issue so we can check it out directly on your system. If you do that, please post the number here so I can keep the community updated with the resolution.