Common Issues Upgrading from 3.0.1.8 and below

Report bugs and workarounds
Post Reply
User avatar
shawniverson
Posts: 2768
Joined: 13 Jan 2014 23:30
Location: Rushville, Indiana, USA
Contact:

Common Issues Upgrading from 3.0.1.8 and below

Post by shawniverson » 27 Mar 2017 11:43

Common Issues you may encounter when upgrading from 3.0.1.8 and below.

Browser cache may need cleared after update -- viewtopic.php?f=13&t=2271

Table upgrades may fail when tables are marked as crashed -- viewtopic.php?f=13&t=2270 and viewtopic.php?f=13&t=2274

Not enough disk space to upgrade -- viewtopic.php?f=13&t=2280

Certain password strings may appear as an attack to mod_security and result in a Forbidden message (see below for how to fix).
Version eFa 4.0.0 RC3 now available in testing repo. Come join us in advancing eFa!

User avatar
shawniverson
Posts: 2768
Joined: 13 Jan 2014 23:30
Location: Rushville, Indiana, USA
Contact:

Re: Common Issues Upgrading to 3.0.1.9

Post by shawniverson » 27 Mar 2017 20:35

Several of these issues will be fixed in a 3.0.2.0 maintenance release, which will be coming out soon.

Update (edited): 3.0.2.0 is out now, issues resolved are removed from the above list.
Version eFa 4.0.0 RC3 now available in testing repo. Come join us in advancing eFa!

AITCS
Posts: 31
Joined: 13 Mar 2017 11:12

Re: Common Issues Upgrading to 3.0.1.9

Post by AITCS » 28 Mar 2017 22:35

Looking forward to it... having several issues since the update unfortunately.
Thanks for the great work so far.

bostjanc
Posts: 97
Joined: 01 Jun 2016 17:18

Re: Common Issues Upgrading to 3.0.1.9

Post by bostjanc » 31 Mar 2017 12:21

One more thing, dunno it's regarding any EFA upgrades or pushing yum updates lately on Efa appliance.
Today when I have analyzed some mail delivery (less /var/log/maillog) I have noticed a lot of errors:
"warning: database /etc/postfix/virtual.db is older than source file /etc/postfix/virtual "

Is this anything regarding EFA updates?
With best regards

User avatar
shawniverson
Posts: 2768
Joined: 13 Jan 2014 23:30
Location: Rushville, Indiana, USA
Contact:

Re: Common Issues Upgrading to 3.0.1.9

Post by shawniverson » 31 Mar 2017 20:21

That comes up from time to time. Just run

Code: Select all

sudo postmap /etc/postfix/virtual
And reload postfix.
Version eFa 4.0.0 RC3 now available in testing repo. Come join us in advancing eFa!

Triumf
Posts: 12
Joined: 05 Jan 2014 13:18

Re: Common Issues Upgrading from 3.0.1.8 and below

Post by Triumf » 09 Apr 2017 17:01

Just updated and having this issue accessing the web after logging in:

Code: Select all

Forbidden

You don't have permission to access /mailscanner/checklogin.php on this server.
Looks like password too suspicious :)

Code: Select all

[severity "CRITICAL"] [ver "OWASP_CRS/2.2.6"] [maturity "8"] [accuracy "8"] [tag "OWASP_CRS/WEB_ATTACK/SQL_INJECTION"] [tag "WASCTC/WASC-19"] [tag "OWASP_TOP_10/A1"] [tag "OWASP_AppSensor/CIE1"] [tag "PCI/6.5.2"] 
Last edited by Triumf on 09 Apr 2017 17:06, edited 1 time in total.

User avatar
shawniverson
Posts: 2768
Joined: 13 Jan 2014 23:30
Location: Rushville, Indiana, USA
Contact:

Re: Common Issues Upgrading from 3.0.1.8 and below

Post by shawniverson » 09 Apr 2017 17:03

Triumf wrote:
09 Apr 2017 17:01
Just updated and having this issue accessing the web after logging in:
Can you share with me what you are seeing in /var/log/httpd error logs when you try to log in?
Version eFa 4.0.0 RC3 now available in testing repo. Come join us in advancing eFa!

Triumf
Posts: 12
Joined: 05 Jan 2014 13:18

Re: Common Issues Upgrading from 3.0.1.8 and below

Post by Triumf » 09 Apr 2017 17:09

Looks familiar with this thread: viewtopic.php?f=13&t=2283

Code: Select all

[Sun Apr 09 19:56:06 2017] [error] [client xxxxxx] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:\\\\A|[^\\\\d])0x[a-f\\\\d]{3,}[a-f\\\\d]*)+" at ARGS:mypassword. [file "/etc/httpd/modsecurity.d/activated_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "55"] [id "981260"] [rev "2"] [msg "SQL Hex Encoding Identified"] ...
My password contains only letters and numbers

User avatar
shawniverson
Posts: 2768
Joined: 13 Jan 2014 23:30
Location: Rushville, Indiana, USA
Contact:

Re: Common Issues Upgrading from 3.0.1.8 and below

Post by shawniverson » 09 Apr 2017 17:16

Add this to the end of /etc/httpd/conf.d/mod_security.conf in the eFa exceptions block at the end:

Code: Select all

SecRuleRemoveById 981260
And restart httpd.

Code: Select all

sudo service httpd restart
Version eFa 4.0.0 RC3 now available in testing repo. Come join us in advancing eFa!

Triumf
Posts: 12
Joined: 05 Jan 2014 13:18

Re: Common Issues Upgrading from 3.0.1.8 and below

Post by Triumf » 09 Apr 2017 17:19

Thanks! Haven't noticed exception part in another thread.

Post Reply