Websites show 502 Bad Gateway and Apache cannot be started: SecRule takes two or three arguments

Created:

2016-11-16 13:19:55 UTC

Modified:

2017-08-08 13:42:35 UTC

0

Was this article helpful?


Have more questions?

Submit a request

Websites show 502 Bad Gateway and Apache cannot be started: SecRule takes two or three arguments

Applicable to:

  • Plesk 12.0 for Linux

Symptoms

  1. Websites show 502 Bad Gateway error.

  2. Apache web server is down and cannot be started with the error:

    # service httpd start
    Starting httpd: [Thu Sep 08 17:45:15 2016] [warn] module unique_id_module is already loaded, skipping
    Syntax error on line 35 of /etc/httpd/conf/modsecurity.d/rules/tortix/modsec/00_asl_z_antievasion.conf:
    SecRule takes two or three arguments, rule target, operator and optional action list
    [FAILED]
  3. Attempt to disable ModSecurity from Plesk fails with the error:

    Error: modsecurity_ctl failed: grep: /etc/httpd/conf/modsecurity.d: Is a directory
    grep: /etc/httpd/conf/plesk.conf.d: Is a directory

Cause

Broken ModSecurity apache configuration.

Resolution

  1. Backup modsecurity.d directory and /etc/httpd/conf.d/00_mod_security.conf file

    # mv /etc/httpd/conf/modsecurity.d{,.saved}
    # mv /etc/httpd/conf.d/00_mod_security.conf{,.saved}
  2. Update ModSecurity rules:

    # /usr/local/psa/bin/sw-engine-pleskrun /usr/local/psa/admin/plib/DailyMaintainance/script.php -f UpdateModSecurityRuleSet
  3. Start Apache:

    # service httpd start
Have more questions? Submit a request
Please sign in to leave a comment.