Applicable to:
- Plesk Onyx 17.5 for Linux
- Plesk for Linux
Symptoms
- ModSecurity is installed on the server.
- Execution of
# aum -u
gives the following result:
# aum -u
Checking versions ...
ASL version is current: [PASS]
Updating Web Application Firewall to 201704031637: updated [PASS]
-------------------------------------------------------------------
Errors were encountered:
L CODE SOURCE MESSAGES
- ---- ------ --------------------------------------------------------------
2 9901 ASLCommon::cmd_system ERROR: '/bin/cp -af /var/asl/rules/modsec/template-* /var/asl/data/temp[lates/ >/dev/null 2>&1 (1)'
2 9901 ASLCommon::cmd_system ERROR: '/usr/sbin/apachectl -t >/dev/null 2>$1 (1)'
2 601 c_modsec::apply_rules There is a problem with the apache config: [Fri Apr 07 17:09:15.588579 2017] [so:warn] [pid 11445:tid 140533768259648] Ah01574 : module unique_id_module is already loaded, skipping||[Fri Apr 07 17:09:15.629545 2017] [so:warn] [pid 11445:tld 140533768259648] AH01574: module security2_module is already loaded, skipping||AH00526: Syntax error on line 36 of /etc/httpd/conf/modsecurity.d/rules/tortix/modsec/50_plesk_basic_asl_rules.conf:||ModSecurity: Found another rule with the same id
2 601 c_modsec::apply_rules There is a problem with the apache config: Rolling back to the previous update
3 600 c_modsec::apply_rules Errors occured with Apache - While trying to restart Apache service, it fails with the following error:
# service httpd status
● httpd.service - The Apache HTTP Server
Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled)
Active: failed (Result: exit-code)
Apr 07 17:09:48 server.name httpd[11491]: AH00526: Syntax error on line 36 of /etc/httpd/conf/modsecurity.d/rules/tortix/modsec/50_plesk_basic_asl_rules.conf:
Apr 07 17:09:48 server.name httpd[11491]: ModSecurity: Found another rule with the same id
Apr 07 17:09:48 server.name kill[11493]: kill: cannot find process ""
Hint: Some lines were ellipsized, use -l to show in full.
Cause
aum -u
creates it's own configuration file /etc/httpd/conf.d/00_mod_security.conf
which contains duplicate directives from /etc/httpd/conf.d/security2.conf
.
Resolution
Note: aum -u
it's a native modsecurity utility to update its rules that must not be executed on Plesk server because Plesk uses its own mechanism to update modsecurity rules.
- Connect to the server via SSH.
-
Remove all from
for CentOS/RHEL-based distributions:00_mod_security.conf
# echo "" > /etc/httpd/conf.d/00_mod_security.conf
for Debian/Ubuntu-based distributions:
# echo "" > /etc/apache2/conf.d/00_mod_security.conf
- Restart Apache:
for CentOS/RHEL-based distributions:
# service httpd restart
for Debian/Ubuntu-based distributions:# service apache2 restart
- Create a Plesk database backup.
- Login to Plesk database:
# plesk db
- Remove orphaned records from the Configurations table with the following query:
MYSQL_LIN: delete from Configurations where status <> 'ok';
Comments
0 comments
Please sign in to leave a comment.