Apache fails to start on a Plesk server: ModSecurity: failed to load IPs from: /etc/asl/whitelist Could not open ipmatch file "/etc/asl/whitelist": No such file or directory

Plesk for Linux kb: technical

Symptoms

  • On a Plesk for Linux server, Apache fails to start with the following error shown on the Plesk Home page:

    Template_Exception: AH00526: Syntax error on line 24 of /etc/httpd/conf/modsecurity.d/rules/tortix/modsec/tortix_waf.conf:
    ModSecurity: failed to load IPs from: /etc/asl/whitelist Could not open ipmatch file "/etc/asl/whitelist": No such file or directory

  • Enabling ModSecurity in the menu Tools & Settings > Web Application Firewall (ModSecurity) fails:

    modsecurity_ctl failed: START httpd_modules_ctl --enable security2,unique_id apache_control_adapter[29113]: apache_action(restart): invoke_httpd_action failed, trying second time
    modsecurity_ctl failed: [Errno 2] No such file or directory: '/var/asl/bin/aum': '/var/asl/bin/aum'

  • The following error is shown in the menu Tools & Settings > Web Application Firewall (ModSecurity):

    Failed to update the ModSecurity rule set: modsecurity_ctl failed: Command '['sed', '-i', '-e', 's#^MODSEC_RULES_PATH\\s*=.*#MODSEC_RULES_PATH="/etc/httpd/conf/modsecurity.d/rules/tortix/modsec"#g', '-e', 's#^RESTART_APACHE\\s*=.*#RESTART_APACHE="no"#g', '-e', 's#^AUTOMATIC_UPDATES\\s*=.*#AUTOMATIC_UPDATES="no"#g', '-e', 's#^MODSEC_50_PLESK\\s*=.*#MODSEC_50_PLESK="yes"#g', '/etc/asl/config']' returned non-zero exit status 2.

  • Atomic Standard rule set is in use.

Cause

The issue is on the Atomic side. It is fixed in version 6.0.48-29386 of the aum package (the updater for the Atomic rule set).

Resolution

  1. Connect to the server using SSH.
  2. Update the aum package to the latest version:

    # touch /var/awp/etc/config
    # aum -u

  3. Log into Plesk.
  4. Go to Tools & Settings > Web Application Firewall (ModSecurity).
  5. Change Rule set option to Comodo rule set and click OK or Apply.
  6. Change Rule set option back to Atomic Standard rule set and click OK or Apply.

Note: I'll leave it as internal because when Atomic fixes the issue it will be easier to switch back via UI and not mess with this file.

  1. Connect to the server via SSH

  2. Create the /etc/asl/whitelist file with your favorite command-line text editor and enter the following as content within it:

    127.0.0.1/8

  3. Save the changes

  4. Set the ownership of the file:

    # chown tortix:root /etc/asl/whitelist

  5. Go to Tools & Settings > Web Application Firewall (ModSecurity)

  6. Turn the WAF on and switch to the Atomic ruleset
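
A pre-flight check for the error shown under Symptoms, as an added example that is not part of the original article or of Plesk or Atomicorp tooling: it lists the files that `@ipMatchFromFile` rules in a ModSecurity config point at and reports the ones that are missing, so the problem is visible before Apache is restarted. The rule lines in the demo are constructed, and resolving relative paths against the config file's directory is an assumption.

```shell
#!/bin/sh
# Added example, not Plesk or Atomicorp code.

# Print each local file referenced by @ipMatchFromFile (alias @ipMatchF) in
# ModSecurity config $1. Relative paths are resolved against the config's
# directory (assumption).
ipmatch_files() {
    dir=$(dirname -- "$1")
    grep -v '^[[:space:]]*#' "$1" |
    grep -oE '@ipMatch(FromFile|F)[[:space:]]+[^"[:space:]]+' |
    awk '{ print $2 }' |
    while IFS= read -r path; do
        case $path in
            http://*|https://*) ;;                 # remote list, nothing to stat
            /*) printf '%s\n' "$path" ;;
            *)  printf '%s\n' "$dir/$path" ;;
        esac
    done | sort -u
}

# Print referenced files that are missing or unreadable; return 1 if any are.
missing_ipmatch_files() {
    missing=$(ipmatch_files "$1" | while IFS= read -r f; do
        [ -r "$f" ] || printf '%s\n' "$f"
    done)
    [ -z "$missing" ] && return 0
    printf '%s\n' "$missing"
    return 1
}

# Demo on a constructed rule file (the real tortix_waf.conf is not reproduced).
demo() {
    tmp=$(mktemp -d) || return 2
    mkdir -p "$tmp/asl"
    printf '127.0.0.1/8\n' > "$tmp/asl/present"
    cat > "$tmp/waf.conf" <<EOF
# SecRule REMOTE_ADDR "@ipMatchFromFile $tmp/asl/commented-out" "id:1,phase:1,pass"
SecRule REMOTE_ADDR "@ipMatchFromFile $tmp/asl/whitelist" "id:2,phase:1,pass,nolog"
SecRule REMOTE_ADDR "@ipMatchF $tmp/asl/present" "id:3,phase:1,pass,nolog"
EOF
    missing_ipmatch_files "$tmp/waf.conf" | sed "s#^$tmp##"
    rm -rf "$tmp"
}

# With an argument, check that file; without one, run the demo.
if [ "$#" -gt 0 ]; then missing_ipmatch_files "$1"; else demo; fi
```

Run it with the path of the rule file named in the Apache error as the only argument; a non-zero exit status means at least one referenced list is missing.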

Comments

  • Just confirming this is still an active bug.

    1) Reinstalled the modsecurity module via plesk manager

    2) modsecurity_ctl failed: [Errno 2] No such file or directory: '/var/asl/bin/aum': '/var/asl/bin/aum'

    3) applied the "fix" (touch directory / update aum / select different ruleset)

    4) Still the same error; the logs show:

    Atomic Updater

    Analyzing system ... done

    Checking for updates ...

    Core packages            :  -> 6.0.51-30252 ...errors occured, see /var/awp/log/aum.log for details
    Atomicorp WAF Rules      : 202309030003 is current

    Checking post install ownerships ...


    Applying updates ...

    Applying WAF rule updates ... ok


    All tasks complete.

    Errors were encountered while updating.  See /var/awp/log/aum.log for more detail.

    When looking into the aum.log, it looks like there is a problem with the ModSecurity package from Plesk:

    0 init updater
    0 awp_update.PackagesDownload:checking: aum libapache2-mod-security2
    0 awp_update.PackagesDownload:error:/usr/bin/apt-get -y -o Dpkg::Options::="--force-confold" upgrade aum libapache2-mod-security2
    0 awp_update.PackagesDownload:error:100
    0 awp_update.PackagesDownload:error:Reading package lists...
    Building dependency tree...
    Reading state information...
    aum is already the newest version (6.0.50-30038bionic).
    Calculating upgrade...
    Some packages could not be installed. This may mean that you have
    requested an impossible situation or if you are using the unstable
    distribution that some required packages have not yet been created
    or been moved out of Incoming.
    The following information may help to resolve the situation:

    The following packages have unmet dependencies:
     libapache2-modsecurity-plesk : Conflicts: libapache2-mod-security2

    0 awp_update.PackagesDownload:error:err:E: Broken packages

    Re-installing the package via plesk did not work, as stated under step 1). Any ideas?

    Running Ubuntu 18.04, Plesk Obsidian 18.0.52
