Applicable to:
- Plesk for Linux
Symptoms
-
Apache cannot be started if ModSecurity is enabled.
-
The following error appears in
/var/log/plesk/panel.log
with the enabled debug logging:CONFIG_TEXT: ERR [panel] Unable to start service:
Unable to manage service by apache_control_adapter: ('start', 'web').
Error: Jan 13 17:42:26 uknet.eu systemd[1]: Starting The Apache HTTP Server...
httpd[9828]: AH00526: Syntax error on line 24 of /etc/httpd/conf/modsecurity.d/rules/tortix/modsec/tortix_waf.conf:
httpd[9828]: ModSecurity: failed to load IPs from: /etc/asl/whitelist
Could not open ipmatch file "/etc/asl/whitelist": No such file or directory -
aum.x86_64
package is missing:# rpm -qa | grep aum
<empty output>
# dpkg -l | grep aum
<empty output>
Cause
Corrupted Modsecurity installation.
Resolution
-
Connect to the server via SSH.
-
Install the missing package:
# yum install aum --enablerepo tortix-common -y
If the step above did not help, install aum manually:
# wget -q -O - https://updates.atomicorp.com/installers/aum | sh
# wget -q -O - https://www.atomicorp.com/RPM-GPG-KEY.art.txt | apt-key add -
# apt-get update
# apt-get install aum -y
If the above actions did not help consider applying the following workaround:
- Log in to Plesk.
- Go to Tools & Settings > Web Application Firewall (ModSecurity) and enable the web application firewall.
- Set ruleset to any non-atomic ruleset, for example, Comodo and press OK to apply changes.
- After that, again open Tools & Settings > Web Application Firewall (ModSecurity) > Settings tab and switch to the Atomic ruleset.
Comments
5 comments
Hi Alexander Tsmokalyuk,
Please note an update to first CLI is advised:
Also, third CLI could not be run, as:
It still does not work.
[Mon May 29 04:45:30.534469 2023] [core:warn] [pid 31687:tid 140470375770240] AH00111: Config variable ${} is not defined [Mon May 29 04:45:30.534531 2023] [core:warn] [pid 31687:tid 140470375770240] AH00111: Config variable ${} is not defined [Mon May 29 04:45:30.534533 2023] [core:warn] [pid 31687:tid 140470375770240] AH00111: Config variable ${} is not defined [Mon May 29 04:45:30.534534 2023] [core:warn] [pid 31687:tid 140470375770240] AH00111: Config variable ${} is not defined [Mon May 29 04:45:30.534535 2023] [core:warn] [pid 31687:tid 140470375770240] AH00111: Config variable ${} is not defined AH00526: Syntax error on line 220 of /etc/httpd/conf/modsecurity.d/rules/tortix/modsec/10_asl_rules.conf: Error creating rule: Could not open phrase file "/etc/httpd/conf/modsecurity.d/rules/tortix/modsec/sql.txt": No such file or directory
Doesn't work!
Same here. CentOS 7.9.
Please re-vise the solution and provide a working fix. TY.
My error message (when logging in to Plesk):
In my case aum package is installed
I've tried to upgrade modsecurity but there are no new versions. It looks like the latest update of this package screwed some things up.
Please sign in to leave a comment.