Applicable to:
- Plesk for Linux
Symptoms
- One of the following error messages is shown on the Home page in Plesk:
PLESK_ERROR: New configuration files for the Apache web server were not created due to the errors in configuration templates: [so:warn] [pid 55597:tid 140252507555968] AH01574: module unique_id_module is already loaded, skipping
httpd: Syntax error on line 353 of /etc/httpd/conf/httpd.conf: Syntax error on line 13 of /etc/httpd/conf.d/00_mod_security.conf: No matches for the wildcard '00*exclude.conf' in '/etc/httpd/modsecurity.d', failing (use IncludeOptional if required).
PLESK_ERROR: New configuration files for the Apache web server were not created due to the errors in configuration templates: [Wed Mar 21 12:25:31 2018] [warn] module security2_module is already loaded, skipping [Wed Mar 21 12:25:31 2018] [warn] module unique_id_module is already loaded, skipping Syntax error on line 35 of /etc/apache2/modsecurity.d/rules/tortix/modsec/50_plesk_basic_asl_rules.conf: ModSecurity: Found another rule with the same id .
- Apache configuration checker reports one or both of the warnings below ("httpd -t" for CentOS/RHEL-based distributions, "apache2 -t" for Debian/Ubuntu-based distributions):
# httpd -t
[warn] module security2_module is already loaded, skipping
[warn] module unique_id_module is already loaded, skipping
- In some cases, Apache cannot be started.
Cause
The ModSecurity configuration file 00_mod_security.conf contains duplicated records.
Resolution
For CentOS/RHEL-based distributions:
- Connect to the Plesk server via SSH.
- Open the file 00_mod_security.conf in a text editor. In this example, we are using the vi editor:
# vi /etc/httpd/conf.d/00_mod_security.conf
- Replace "Include" in the lines:
Include modsecurity.d/00*exclude.conf
Include modsecurity.d/*asl*.conf
Include modsecurity.d/99*exclude.conf
with "IncludeOptional":
IncludeOptional modsecurity.d/00*exclude.conf
IncludeOptional modsecurity.d/*asl*.conf
IncludeOptional modsecurity.d/99*exclude.conf
- Save the changes and close the file.
- Locate duplicated ModSecurity modules and disable them:
# grep -ir security2_module /etc/httpd/ && grep -ir unique_id_module /etc/httpd/
If the output above shows a module that is enabled twice, for example:
/etc/httpd/conf.modules.d/00-base.conf:LoadModule unique_id_module modules/mod_unique_id.so
/etc/httpd/conf.modules.d/10-mod_security.conf: LoadModule unique_id_module modules/mod_unique_id.so
disable it by putting a # (hash) character at the beginning of the line in the file 00_mod_security.conf:
#LoadModule security2_module ...
#LoadModule unique_id_module ...
- Restart Apache:
# service httpd restart
- Repair web-server configuration:
# plesk repair web -y
- Go to Tools & Settings > Web Application Firewall (ModSecurity) > Settings tab and click OK to refresh ModSecurity settings.
For Debian/Ubuntu-based distributions:
- Connect to the Plesk server via SSH.
- Open the file 00_mod_security.conf in a text editor. In this example, we are using the vi editor:
# vi /etc/apache2/conf.d/00_mod_security.conf
- Replace "Include" in the lines:
Include modsecurity.d/00*exclude.conf
Include modsecurity.d/*asl*.conf
Include modsecurity.d/99*exclude.conf
with "IncludeOptional":
IncludeOptional modsecurity.d/00*exclude.conf
IncludeOptional modsecurity.d/*asl*.conf
IncludeOptional modsecurity.d/99*exclude.conf
- Locate duplicated ModSecurity modules and disable them:
# grep -ir security2_module /etc/apache2/ && grep -ir unique_id_module /etc/apache2/
If the output above shows a module that is enabled twice, for example:
/etc/apache2/conf.d/00_mod_security.conf:LoadModule security2_module /usr/lib/apache2/modules//mod_security2.so
/etc/apache2/mods-available/security2.load:LoadModule security2_module /usr/lib/apache2/modules/mod_security2.so
disable it by putting a # (hash) character at the beginning of the line in the file 00_mod_security.conf:
#LoadModule security2_module ...
#LoadModule unique_id_module ...
- Restart Apache:
# service apache2 restart
- Repair web-server configuration:
# plesk repair web -y
- Go to Tools & Settings > Web Application Firewall (ModSecurity) > Settings tab and click OK to refresh ModSecurity settings.
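The two checks from the steps above can be scripted. This is an added example, not part of the original article or of Plesk's tooling: it goes beyond the plain grep by counting only active (uncommented) LoadModule lines in the files Apache actually reads, and it lists plain Include targets that match no file. The function names and the sample tree are constructed for illustration.

```shell
#!/bin/sh
# Added example, not Plesk's code; function names and sample tree are constructed.

# Print "<module> <count>" for modules with more than one ACTIVE LoadModule line.
# Commented lines are ignored, Debian's *-available directories are pruned and
# *-enabled symlinks are followed, because that is what Apache actually reads.
dup_loadmodules() {
    find -L "$1" -name '*-available' -prune -o -type f \
        -exec grep -ihE '^[[:space:]]*LoadModule[[:space:]]' {} + 2>/dev/null |
        awk '{ n[$2]++ } END { for (m in n) if (n[m] > 1) print m, n[m] }' | sort
}

# Print each plain "Include" target in config file $1 that matches nothing on
# disk. Relative patterns are resolved against the ServerRoot passed as $2.
unmatched_includes() {
    root=$2                      # saved first: "set --" below replaces $1 and $2
    sed -nE 's/^[[:space:]]*[Ii]nclude[[:space:]]+"?([^"[:space:]]+)"?.*/\1/p' "$1" |
    while IFS= read -r pat; do
        case $pat in /*) ;; *) pat=$root/$pat ;; esac
        set -- $pat              # unquoted on purpose: the shell expands the glob
        [ -e "$1" ] || printf '%s\n' "$pat"
    done
}

# Constructed sample tree in the Debian/Ubuntu layout (not real server data).
make_sample() {
    d=$(mktemp -d) || return 1
    mkdir "$d/conf.d" "$d/mods-available" "$d/mods-enabled" "$d/modsecurity.d"
    for m in security2 unique_id; do
        echo "LoadModule ${m}_module /usr/lib/apache2/modules/mod_$m.so" \
            > "$d/mods-available/$m.load"
        ln -s "../mods-available/$m.load" "$d/mods-enabled/$m.load"
    done
    cat > "$d/conf.d/00_mod_security.conf" <<'EOF'
LoadModule security2_module /usr/lib/apache2/modules//mod_security2.so
#LoadModule unique_id_module /usr/lib/apache2/modules/mod_unique_id.so
Include modsecurity.d/00*exclude.conf
IncludeOptional modsecurity.d/*asl*.conf
EOF
    echo "$d"
}

tree=$(make_sample)
dup_loadmodules "$tree"          # security2_module 2
unmatched_includes "$tree/conf.d/00_mod_security.conf" "$tree"
rm -rf "$tree"
```

On a real server, pass /etc/httpd or /etc/apache2 as the directory and as the ServerRoot argument.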
Comments
11 comments
After updating Plesk / Atomic Basic ModSecurity, Apache is completely down due to a duplicate rule id.
I.e. /etc/apache2/conf.d/00_mod_security.conf is being rebuilt.
# chattr +i /etc/apache2/conf.d/00_mod_security.conf
is a temporary fix, so that the file is no longer writable.
Hello @Gjimi,
Do you have any directives in Tools & Settings > Web Application Firewall > Settings > Custom directives?
What exact duplicate rules are in /etc/apache2/conf.d/00_mod_security.conf?
Could you check that the same duplicate rules are not present in the file /var/asl/data/templates/template-00_mod_security.conf?
It's not about a rule ... everything is loaded twice.
so always two identical
/etc/apache2/mods-enabled/security2.conf
and again
/etc/apache2/conf.d/00_mod_security.conf
with content:
<IfModule security2_module>
SecDataDir /var/cache/modsecurity
IncludeOptional "/etc/apache2/modsecurity.d/*.conf"
</IfModule>
at 00_mod_security.conf was still something, but the file is no longer or is now empty and no longer writable.
Hello @Gjimi,
I suggest investigating this issue further in the scope of a support request.
Please create a support request using instructions from the following article:
https://support.plesk.com/hc/en-us/articles/213608509
**SOLUTION**
This problem occurs when you have the security2 and unique_id modules enabled in the mods-enabled directory.
Simply fix this with (Debian/Ubuntu):
Plesk should do a check for these apache module configs when the modsecurity application is enabled.
Hello @Rodrigo Perez,
Thank you for your input!
The article describes how to disable the module in ModSecurity itself.
However, the solution you provided can be applied as well.
I'm using Imunify360 and got that error today. Solved it with that resolution. I think it happened after the latest Plesk Obsidian update?
Hi Thomas Hellwig, this issue was probably carried over from the previous version. After upgrading to Obsidian, Apache was restarted and the issue was hit.
Glad to hear the issue was resolved.
Is there any hope that this problem can be solved permanently and does not recur every two or three weeks? I set "IncludeOptional" and the rules are triple-loaded...
Hello Dennis Köhler,
I recommend creating a support request to check this.
It looks like additional investigation is required.
Today I found this error on one server:
Syntax error on line 35 of /etc/apache2/modsecurity.d/rules/tortix/modsec/50_plesk_basic_asl_rules.conf:||ModSecurity: Found another rule with the same id'
On Ubuntu nothing looks like what you described in the article:
/etc/apache2/conf.d/00_mod_security.conf:
nothing is there
@Rodrigo Perez Thanks. Your solution helped me.