Timotheus 1 Posted December 28, 2020 Share Posted December 28, 2020 I recently migrated to ESET PROTECT Virtual Appliance from ESMC. I had not been using the HTTP Proxy, but chose to install it when finishing the installation. Clients cannot get modules from the server. The apache error log shows errors like this: [Mon Dec 28 16:11:49.896463 2020] [access_compat:error] [pid 2663] [client xxx.xxx.xxx.xxx:61361] AH01797: client denied by server configuration: proxy:http:/update.eset.com/ep7-dll-rel-sta/mod_049_horusdb_11471/em049_64_l0.dll.nup As was noted in another thread, "http:/update..." cannot be correct. But I have no idea why a slash should be missing. Does anybody know where this might be coming from? Link to comment Share on other sites More sharing options...
ESET Staff Solution MartinK 383 Posted December 29, 2020 ESET Staff Solution Share Posted December 29, 2020 Could you please clarify that you have upgrade appliance to latest version using "migration" mechanisms? Asking to be sure you are using latest version of both appliance and Apache packages as available there. Regarding issue with slashes, if I recall correctly, we have encountered it also with Windows variant, where it has been mitigated by adding directive: MergeSlashes OFF into Apache configuration file, which is in appliance located in: /etc/httpd/conf.d/proxy.conf Could you possibly try to modify configuration, restart proxy service (systemctl restart httpd) and verify? Also is this issue persistent or it happens only randomly? In your case it was mostly random... Link to comment Share on other sites More sharing options...
Timotheus 1 Posted December 29, 2020 Author Share Posted December 29, 2020 Greetings Martin, Thanks for getting back to me on this. Regarding the "migration", I did my best to follow the instructions on migrating the VA according to "ESET PROTECT VA upgrade/migration". When I got to the end of the process I had this moment of "Oh, that is where this was leading me." I felt like I had done what was wanted, but not understanding the process when you are following the instructions can cause mistakes that go undetected. But that said, I think it worked. The VA has the following characteristics: OS Type Linux OS Version 7.9.2009 OS Name CentOS ESET Management Agent 8.0.2216.0 ESET PROTECT Server 8.0.2216.0 ESET Rogue Detection Sensor 1.1.615.1 I inserted the directive in the proxy.conf and now (last half hour) I am not seeing the AH01797 errors. Or any other errors for that matter. In the httpd/access_log I am seeing lines like this: xxx.xxx.xxx.xxx - - [29/Dec/2020:11:20:31 +0100] "GET hxxp://i5.c.eset.com:80/v1/auth/4076C93323263A9A5E59/updlist/32/eid/108026/lid/108029 HTTP/1.1" 200 62 "-" "-" The IP address is from my test pc that is set to use the VA proxy for updates. Am I correct in assuming that things are working properly now? Can I now use the proxy for all of my PCs or should I look somewhere else to verify that it is working properly? Best regards! Link to comment Share on other sites More sharing options...
ESET Staff MartinK 383 Posted December 30, 2020 ESET Staff Share Posted December 30, 2020 On 12/29/2020 at 11:24 AM, Timotheus said: The IP address is from my test pc that is set to use the VA proxy for updates. Am I correct in assuming that things are working properly now? Can I now use the proxy for all of my PCs or should I look somewhere else to verify that it is working properly? Best regards! I would just double check that ESET products can successfully update before enabling globally, to be sure you won't have issues with this, as it is most crucial for security to have access to latest updates and possibly also communication with eset services. Link to comment Share on other sites More sharing options...
Recommended Posts