Failed to update the ModSecurity ruleset: Authorization failed attempting to download an update

Symptoms

• Unable to activate/reinstall ModSecurity component or enable Tortix ModSecurity ruleset with one of the following errors:

  Error: Failed to update the ModSecurity rule set: modsecurity_ctl failed:
   gpg: key 4520AFA9: "Atomicorp (Atomicorp Official Signing Key) <[email protected]>" not changed gpg: Total number processed: 1 gpg: unchanged: 1 gpg: Signature made Thu Nov 5 10:06:20 2015 EST using RSA key ID 1111AAAA gpg: Good signature from "Atomicorp (Atomicorp Official Signing Key) <[email protected]>" gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Primary key fingerprint: XXXX TERM environment variable not set. aum failed with exitcode
   stdout: Checking versions ... ASL version is current:[75G[[1;31m[1;32mPASS[0m[0m] Authorization failed attempting to download an update. The username or password may be invalid, or your license may be expired. Please log in to the License Manager at https://www.atomicorp.com/amember/member.php and verify your account. Further information may be found at: https://www.atomicorp.com/wiki/index.php/ASL_FAQ#HTTP_Error_401:_Authorization_Required.

  Syntax error on line 39 of /etc/apache2/modsecurity.d/rules/tortix/modsec/98_asl_scanner.conf:
   Invalid command 'SecTmpSaveUploadedFiles', perhaps misspelled or defined by a module not included in the server configuration
   apache2.service: control process exited, code=exited status=1
   Failed to start The Apache Webserver.

• Verifying license at https://www.atomicorp.com/amember/member.php shows the following error:

  "Active Licenses: You have no active licenses".

• Going to Tools & Settings > License Management > Additional License Keys contains a paid license Security Core for VPS with Complete Atomicorp ModSecurity
Rules (Security Pack)

Cause

Corrupted installation of aum package. As a result, the license was not uploaded to the Atomicorp website.

Resolution

Reinstall aum and ModSecurity in order to resolve the issue:

1. Connect to the server via SSH

2. Back up the content of the following directories and remove them:

   MYSQL_LIN: /etc/asl/*
   /var/asl/*
   /etc/httpd/modsecurity.d/rules/*

3. Remove ModSecurity component using Plesk installer

4. Check whether aum package was removed. If not, remove it manually:

   # rpm -e –nodeps aum-4.0.19-37.el7.art.x86_64

5. Make sure that ModSecurity license is updated in Tools & Settings > License Management > Additional Licenses > Retrieve

6. Install ModSecurity component using Plesk installer

If paid Tortix ruleset is in use, additionally do the following:

1. Enable Atomic Professional ModSecurity ruleset going to Tools & Settings > Web Application Firewall (ModSecurity)

   Note: Do not select (Subscription) as this option is for the keys purchased directly from Atomic, see the following article: Why username and password are asked when switching to Advanced ModSecurity Rules by Atomicorp ruleset?

2. Make sure that “tortix” rules appeared in /etc/httpd/conf/modsecurity.d/rules/ directory. If not, update the ruleset:

   # plesk php /usr/local/psa/admin/plib/DailyMaintainance/script.php -f UpdateModSecurityRuleSet daily