Symptoms
Apache web-server fails to start with the following error message in configuration:
Note: The name of the ModSecurity rule-set in the error message may vary.
-
on CentOS/RHEL-based distributions
# httpd -t
httpd: Syntax error on line 353 of /etc/httpd/conf/httpd.conf: Syntax error on line 5 of /etc/httpd/conf.d/security2.conf: Syntax error on line 6 of /etc/httpd/conf/modsecurity.d/zz_rules.conf: No matches for the wildcard '*.conf' in '/etc/httpd/conf/modsecurity.d/rules/modsecurity_crs-plesk', failing (use IncludeOptional if required) -
on Debian/Ubuntu-based distributions:
# apache2ctl -t
apache2: Syntax error on line 141 of /etc/apache2/apache2.conf: Syntax error on line 4 of /etc/apache2/mods-enabled/security2.conf: Syntax error on line 6 of /etc/apache2/modsecurity.d/zz_rules.conf: No matches for the wildcard '*.conf' in
'/etc/apache2/modsecurity.d/rules/tortix', failing (use IncludeOptional if required)
Cause
The ModSecurity configuration file zz_rules.conf contains links to non-existent files.
Resolution
To solve the issue need to update the zz_rules.conf and replace "Include" option with "IncludeOptional".
-
Connect to the Plesk server via SSH.
-
Open the file
zz_rules.confin a text editor. In this example, we are using the vi editor:# vi /etc/httpd/conf/modsecurity.d/zz_rules.conf
-
Replace
"Include"with"IncludeOptional"in all lines. -
Save the changes and close the file.
-
Start Apache:
# service httpd start
-
Log in to Plesk > go to Tools & Settings > Web Application Firewall (ModSecurity) and activate ModSecurity.
-
Connect to the Plesk server via SSH.
-
Open the file
zz_rules.confin a text editor. In this example, we are using the vi editor:# vi /etc/apache2/modsecurity.d/zz_rules.conf
-
Replace
"Include"with"IncludeOptional"in all lines. -
Save the changes and close the file.
-
Start Apache:
# service apache2 start
-
Log in to Plesk > go to Tools & Settings > Web Application Firewall (ModSecurity) and activate ModSecurity.
Comments
0 comments
Please sign in to leave a comment.