Symptoms
- On a Plesk for Linux server, Apache fails to start with the following error shown on the Plesk Home page:
  Template_Exception: AH00526: Syntax error on line 24 of /etc/httpd/conf/modsecurity.d/rules/tortix/modsec/tortix_waf.conf:
  ModSecurity: failed to load IPs from: /etc/asl/whitelist Could not open ipmatch file "/etc/asl/whitelist": No such file or directory
- Enabling ModSecurity in the menu Tools & Settings > Web Application Firewall (ModSecurity) fails:
  modsecurity_ctl failed: START httpd_modules_ctl --enable security2,unique_id apache_control_adapter[29113]: apache_action(restart): invoke_httpd_action failed, trying second time
  modsecurity_ctl failed: [Errno 2] No such file or directory: '/var/asl/bin/aum': '/var/asl/bin/aum'
- The following error is shown in the menu Tools & Settings > Web Application Firewall (ModSecurity):
  Failed to update the ModSecurity rule set: modsecurity_ctl failed: Command '['sed', '-i', '-e', 's#^MODSEC_RULES_PATH\\s*=.*#MODSEC_RULES_PATH="/etc/httpd/conf/modsecurity.d/rules/tortix/modsec"#g', '-e', 's#^RESTART_APACHE\\s*=.*#RESTART_APACHE="no"#g', '-e', 's#^AUTOMATIC_UPDATES\\s*=.*#AUTOMATIC_UPDATES="no"#g', '-e', 's#^MODSEC_50_PLESK\\s*=.*#MODSEC_50_PLESK="yes"#g', '/etc/asl/config']' returned non-zero exit status 2.
- Atomic Standard rule set is in use.
Cause
The issue is on the Atomic side and is fixed in version 6.0.48-29386 of the aum package (the updater of the Atomic rule set).
Resolution
- Connect to the server using SSH.
- Update the aum package to the latest version:
  # touch /var/awp/etc/config
  # aum -u
- Log into Plesk.
- Go to Tools & Settings > Web Application Firewall (ModSecurity).
- Change Rule set option to Comodo rule set and click OK or Apply.
- Change Rule set option back to Atomic Standard rule set and click OK or Apply.
Note: I'll leave it as internal because when Atomic fixes the issue it will be easier to switch back via UI and not mess with this file.
- Connect to the server via SSH
- Create the /etc/asl/whitelist file with your favorite command-line text editor and enter the following as content within it:
  127.0.0.1/8
- Save the changes
- Adjust permissions to the file:
  # chown tortix:root /etc/asl/whitelist
- Go to Tools and settings > Web application firewall (Modsecurity)
- Turn the WAF on and switch to the Atomic ruleset
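
Apache refuses to start here because a rule file names an IP list that is not on disk. The shell function below is an added example, not part of the Plesk article or of Atomic's tooling: it lists the files referenced by ModSecurity's @ipMatchFromFile operator in a rules file that are missing or unreadable, so the gap can be found before Apache is restarted. The page does not show line 24 of tortix_waf.conf, so the operator, the sample rule, the ROOT prefix argument and the function names are assumptions made for illustration.

```sh
#!/bin/sh
# Added example: report files named by @ipMatchFromFile / @ipMatchF in a
# ModSecurity rules file that are missing or unreadable.
# usage: missing_ipmatch_files CONF [ROOT]
#   ROOT: optional prefix prepended to absolute paths (staged tree / tests).
# Returns 0 if every file is readable, 1 if any is missing, 2 if CONF is unreadable.
missing_ipmatch_files() {
    conf=$1
    root=${2:-}
    [ -r "$conf" ] || { echo "cannot read $conf" >&2; return 2; }
    confdir=$(dirname "$conf")
    rc=0
    # Drop comment lines, then extract the path that follows the operator.
    for f in $(grep -v '^[[:space:]]*#' "$conf" |
        sed -n 's/.*@ipMatchF\(romFile\)\{0,1\}[[:space:]]\{1,\}\([^"[:space:]]*\).*/\2/p' |
        sort -u); do
        case $f in
            /*) path=$root$f ;;
            *)  path=$confdir/$f ;;   # assumption: relative to the rules file
        esac
        if [ ! -r "$path" ]; then
            echo "$f"
            rc=1
        fi
    done
    return $rc
}

# Constructed sample: one active rule that references the whitelist named in
# the error message. This is not the real content of tortix_waf.conf.
write_sample_conf() {
    mkdir -p "$1/rules" "$1/etc/asl"
    cat > "$1/rules/sample_waf.conf" <<'EOF'
# SecRule REMOTE_ADDR "@ipMatchFromFile /etc/asl/ignored" "id:1,phase:1,pass"
SecRule REMOTE_ADDR "@ipMatchFromFile /etc/asl/whitelist" "id:2,phase:1,pass,nolog"
EOF
}

# Script mode: sh check_ipmatch.sh /path/to/rules.conf
if [ $# -ge 1 ]; then
    missing_ipmatch_files "$@"
fi
```

Run against the rules file named in the Apache error, it prints each referenced list that is absent and exits non-zero, which makes it usable as a gate in front of a restart.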
Comments
31 comments
Ahh Atomic... I'm using Atomic Advanced (bought from Plesk). I hope you resolve this issue quickly. Workaround works. Thanks.
@ 翔 中村
I just created the file
(with a blankspace as content) and ran "aum -u" again ... did work for me ...
Still showing an error after updating AUM:
modsecurity_ctl failed: [Errno 2] No such file or directory: '/var/asl/bin/aum': '/var/asl/bin/aum'
I was able to enable Atomic rule after running "aum -u" but the rules list is empty. Seems like it's still broken.
I don't think so. I can launch "aum -u" and the update goes fine but when I try to switch from "Comodo" to "Atomic Standard free" I have this error:
"modsecurity_ctl failed: [Errno 2] No such file or directory: '/var/asl/bin/aum': '/var/asl/bin/aum"
Donnie Weaver hi!, we have direct communication with Atomic internally. Once they fix the issue we will publish it in this article.
I was wondering the same thing. I broke one of my servers trying to find out if the problem is fixed. I applied Atomic Advanced Rule set, no errors. But then I discovered that the web server is not serving content correctly. In some instances I was getting an Apache default page.
I ended up deinstalling modsecurity and disabling Reverse Proxy Server (nginx).
modsecurity_ctl failed: START httpd_modules_ctl --enable security2,unique_id
apache_control_adapter[16503]: apache_action(restart): invoke_httpd_action failed, trying second time
INFO: [Tue Jun 13 18:34:23 CEST 2023]: Service: apache, Action: start
Trying to start service httpd... failed
Jun 13 18:34:23 X systemd[1]: Starting The Apache HTTP Server...
Jun 13 18:34:23 X httpd[16955]: AH00526: Syntax error on line 24 of /etc/httpd/conf/modsecurity.d/rules/tortix/modsec/tortix_waf.conf:
Jun 13 18:34:23 X httpd[16955]: ModSecurity: failed to load IPs from: /etc/asl/whitelist Could not open ipmatch file "/etc/asl/whitelist": No such file or directory
Jun 13 18:34:23 X systemd[1]: httpd.service: main process exited, code=exited, status=1/FAILURE
Jun 13 18:34:23 X systemd[1]: Failed to start The Apache HTTP Server.
Jun 13 18:34:23 X systemd[1]: Unit httpd.service entered failed state.
Jun 13 18:34:23 X systemd[1]: httpd.service failed.
***** problem report *****
Warning: start service httpd failed
/usr/local/psa/admin/sbin/pleskrc execution failed:
Job for httpd.service failed because the control process exited with error code. See "systemctl status httpd.service" and "journalctl -xe" for details.
/usr/local/psa/admin/sbin/pleskrc execution failed:
Job for httpd.service failed because the control process exited with error code. See "systemctl status httpd.service" and "journalctl -xe" for details.
Fabien ARAUJO
Try this:
Then try to switch back to Atomic Standard and if you get an error that says:
"modsecurity_ctl failed: [Errno 2] No such file or directory: '/var/asl/bin/aum': '/var/asl/bin/aum'"
aum -u
Atomic Updater
Analyzing system ... error:failed to load config:File not found: /var/awp/etc/config
"aum -u" did work for me without errors on 3 servers, provided I first switched back to Atomic Advanced (bought from Plesk) from Comodo free, before running the update.
I did not need to toggle to Comodo, then back to Atomic, afterwards.
I discovered on the first server attempt if I left Comodo free selected before running "aum -u" it resulted in "error: account validation failed", which I guess makes sense.
Glad to have this resolved. Wish everyone else all the best on this issue.
Spoke with support regarding the No such file or directory error, the solution is to re-link the binary:
It works for me.
But after, when I tried to enable waf from the waf management web screen,
I got the following error.
ERROR: TypeError: array_key_exists(): Argument #2 ($array) must be of type array, null given (Apache.php:172)
Search for related Knowledge Base articles
Is something wrong?
Someone who could help with this?
Fix for me was:
Tried Steven's suggestion of uninstalling / reinstalling, I still see this error after attempting to switch back to Atomic Standard (Apache ModSecurity 2.9):
modsecurity_ctl failed: [Errno 2] No such file or directory: '/var/asl/bin/aum': '/var/asl/bin/aum'
Had similar issues as some other comments. At first, couldn't update the rules back to Atomic in Plesk then couldn't run aum -u because of config errors. Noticed config file was present but the settings were the defaults, not Plesk's (USERNAME="plesk_global_unpaid", UPDATE_PATH="/channels/rules/plesk", etc.). Uninstalling then reinstalling ModSecurity fixed all of the errors.
Very bad bug! Many thanks for the workaround but this is causing a lot of unexpected downtime.
Just confirming this is still an active bug.
1) Reinstalled the modsecurity module via plesk manager
2) modsecurity_ctl failed: [Errno 2] No such file or directory: '/var/asl/bin/aum': '/var/asl/bin/aum'
3) applied the "fix" (touch directory / update aum / select different ruleset)
4) Still same error; error in logs show:
Atomic Updater
Analyzing system ... done
Checking for updates ...
Core packages : -> 6.0.51-30252 ...errors occured, see /var/awp/log/aum.log for details
Atomicorp WAF Rules : 202309030003 is current
Checking post install ownerships ...
Applying updates ...
Applying WAF rule updates ... ok
All tasks complete.
Errors were encountered while updating. See /var/awp/log/aum.log for more detail.
When looking into the aum.log, it looks like there is a problem with the ModSecurity package from Plesk:
0 init updater
0 awp_update.PackagesDownload:checking: aum libapache2-mod-security2
0 awp_update.PackagesDownload:error:/usr/bin/apt-get -y -o Dpkg::Options::="--force-confold" upgrade aum libapache2-mod-security2
0 awp_update.PackagesDownload:error:100
0 awp_update.PackagesDownload:error:Reading package lists...
Building dependency tree...
Reading state information...
aum is already the newest version (6.0.50-30038bionic).
Calculating upgrade...
Some packages could not be installed. This may mean that you have
requested an impossible situation or if you are using the unstable
distribution that some required packages have not yet been created
or been moved out of Incoming.
The following information may help to resolve the situation:
The following packages have unmet dependencies:
libapache2-modsecurity-plesk : Conflicts: libapache2-mod-security2
0 awp_update.PackagesDownload:error:err:E: Broken packages
Re-installing the package via plesk did not work, as stated under step 1). Any ideas?
Running Ubuntu 18.04, Plesk Obsidian 18.0.52
On CentOS 7 I get this error after running aum -u
Warning: fopen(): failed to open stream: No such file or directory in component/c_modsec.php on line XXX
and this one
c_modsec::tortix_conf_generat An error occurred attempting to read file /var/asl/data/templates/template-tortix_waf.conf
FIX for me was to do:
1. cd /var/asl/bin
ls -la /var/asl/bin directory was empty (after running aum -u first time)
2. ln /var/awp/bin/aum aum
3. run aum -u again, no error
4. go to Web UI and enable / switch to Atomic Advanced (bought from Plesk)
Running aum -u results in the following error
Can you please tell me how to solve this problem?
Has anyone had success with the resolution of running "aum -u" and enabling Atomic Advanced (bought from Plesk) without issue and back to normal?
These last two posts from Filippo Casti and Nicolas Labbe don't inspire confidence this issue is indeed resolved. Thanks.
I ran the "aum -u" command and got an error.
# aum -u
Atomic Updater
Analyzing system ... error:failed to load config:File not found: /var/awp/etc/config
#
Filippo Casti the supposed solution is "aum -u"
I see this post is updated but I don't see any fix. News?
A fix has been posted but results in the following error:
[root@~]# aum -u
Atomic Updater
Analyzing system ... error:account validation failed
Some level of communication from Plesk and/or Atomic here would be great. I was told by Plesk support to follow this page for updates. It's concerning many days have passed with no information.
Will this page be updated once the bug is fixed?
Because of this bug, I've switched off Mod Security and now I can't turn it back on.. Even if I try to use Comodo.
modsecurity_ctl failed: START httpd_modules_ctl --enable security2,unique_id apache_control_adapter[38496]: apache_action(restart): invoke_httpd_action failed, trying second time
EDIT: I was able to enable it by running the CLI command provided in the article, and then putting modsec back on in plesk.
Hello Steve,
The thing is, the error happens due to a missing file from Atomic installation and config file syntax is perfectly okay. So there is no way to pre-test it from the Plesk side.