Author Topic: apache wont restart after enabling mod_security.  (Read 1786 times)

0 Members and 2 Guests are viewing this topic.

Offline
*
apache wont restart after enabling mod_security.
« on: June 25, 2024, 08:51:16 PM »
For some reason when you install mod_security the config file for it has an extra line:

LoadFile /usr/lib64/

Which errors out Apache when loading:

httpd: Syntax error on line 512 of /usr/local/apache/conf/httpd.conf: Syntax error on line 2 of /usr/local/apache/conf.d/mod_security.conf: Cannot load /usr/lib64/ into server: /usr/lib64/: cannot read file data: Is a directory


Removing that line makes it load fine.  Not sure if another file was supposed to be loaded by that line.   

Currently testing CWP on Alma Linux 9.4


Thanks!

Offline
*****
Re: apache wont restart after enabling mod_security.
« Reply #1 on: June 25, 2024, 11:02:56 PM »
EL9 support is still in beta with CWP. Test for that error when it is fully production ready for AlmaLinux 9

Offline
*****
Re: apache wont restart after enabling mod_security.
« Reply #2 on: June 27, 2024, 10:57:25 PM »
There seems to be a install problem.

Code: [Select]
nano /usr/local/apache/conf.d/mod_security.conf
Line 2 – Add – liblua-5.4.so to the end.

Code: [Select]
systemctl start httpd
« Last Edit: June 27, 2024, 11:00:39 PM by Starburst »

Offline
*
Re: apache wont restart after enabling mod_security.
« Reply #3 on: August 04, 2024, 09:12:21 PM »
I am having this same issue after installing cwp on Alma-9.

Can anyone share how they might have solved it?

Offline
*****
Re: apache wont restart after enabling mod_security.
« Reply #4 on: August 06, 2024, 11:22:53 AM »
What is the error message Apache is giving?

From what I've seen, the above fixes it.

Offline
*
Re: apache wont restart after enabling mod_security.
« Reply #5 on: August 06, 2024, 12:40:21 PM »
Its resolved now

Offline
*
Re: apache wont restart after enabling mod_security.
« Reply #6 on: August 29, 2024, 08:24:00 AM »
how to solve this problem. plss help.;

Offline
*
Re: apache wont restart after enabling mod_security.
« Reply #7 on: August 29, 2024, 08:32:30 AM »
Its resolved now
edit mod_security.conf
nano /usr/local/apache/conf.d/mod_security.conf


LoadFile /usr/lib64/libxml2.so
LoadFile /usr/lib64/         <<<----------------remove this line.

<IfModule !unique_id_module>
LoadModule unique_id_module modules/mod_unique_id.so
</IfModule>

<IfModule !mod_security2.c>
LoadModule security2_module  modules/mod_security2.so
</IfModule>

<IfModule mod_security2.c>
    <IfModule mod_ruid2.c>
        SecAuditLogStorageDir /usr/local/apache/logs/modsec_audit
        SecAuditLogType Concurrent
    </IfModule>
    <IfModule itk.c>
        SecAuditLogStorageDir /usr/local/apache/logs/modsec_audit
        SecAuditLogType Concurrent
    </IfModule>
« Last Edit: August 29, 2024, 08:35:58 AM by hatnaa »

Offline
*****
Re: apache wont restart after enabling mod_security.
« Reply #8 on: August 29, 2024, 11:25:17 AM »
Actually the fix is to add - liblua-5.4.so
to the end of that line for AlmaLinux.

After it should read:

Code: [Select]
LoadFile /usr/lib64/liblua-5.4.so
This fix was mentioned above, and has been tested and works on all of our new servers.

Offline
*
Re: apache wont restart after enabling mod_security.
« Reply #9 on: October 09, 2024, 05:51:25 PM »
Actually the fix is to add - liblua-5.4.so
to the end of that line for AlmaLinux.

After it should read:

Code: [Select]
LoadFile /usr/lib64/liblua-5.4.so
This fix was mentioned above, and has been tested and works on all of our new servers.

Thank you so much!

Offline
***
Re: apache wont restart after enabling mod_security.
« Reply #10 on: October 24, 2024, 09:17:45 AM »
EL9 support is still in beta with CWP. Test for that error when it is fully production ready for AlmaLinux 9

Hi,

Is AL9 support with CWP still beta?

AL?

BR
Venty

Offline
*****
Re: apache wont restart after enabling mod_security.
« Reply #11 on: October 24, 2024, 09:32:33 AM »
All new servers we've activated have AL9 (AlmaLinux 9).

It installs a little different, but seems to be working well.
If you need PHP below 7.4, then you'll still have to install CWP on AL8 (AlmaLinux 8 )

[Edited for typeo's]
« Last Edit: October 24, 2024, 09:35:47 AM by Starburst »

Offline
***
Re: apache wont restart after enabling mod_security.
« Reply #12 on: October 24, 2024, 09:45:06 AM »
All new servers we've activated have AL9 (AlmaLinux 9).

It installs a little different, but seems to be working well.
If you need PHP below 7.4, then you'll still have to install CWP on AL8 (AlmaLinux 8 )

[Edited for typeo's]

Hi,

you last recommended me this installation:

https://forum.centos-webpanel.com/apache/issues-with-brand-new-fresh-install-with-almalinux-9-4/msg49150/#msg49150

but at the end it says that you are using an internal installation guide:

"We are always tweaking the AL9 install process, that's just a small fraction of the current AL9 internal guide we use that is 12 pages long. :/"

....is it possible to have a look at it….

Thanks in advance!

BR
Venty

Offline
*****
Re: apache wont restart after enabling mod_security.
« Reply #13 on: October 24, 2024, 09:54:09 AM »
The only things not mentioned in the link where like setting the time zone, DNS servers, setting hostname, adding SWAP (if needed), Kernel upgrade, upgrading MariaDB, security tweaks, and install monitoring and reporting tools.

Everyone has their own preferences when it comes to stuff like that.


Here are some links for updates that we would recommend after a new installation:

https://www.alphagnu.com/topic/43-disable-php-mail-function-in-cwp-%E2%80%93-control-webpanel/

https://www.alphagnu.com/topic/24-cwp-%E2%80%93-control-web-panel-install-latest-apache-2462-version/

https://www.alphagnu.com/topic/28-cwp-apache-restore-original-visitor-ips-with-mod_remoteip-when-using-cloudflare-proxy/

https://www.alphagnu.com/topic/33-update-cwp-roundcube-mail-version-156-%E2%80%93-control-web-panel/

https://www.alphagnu.com/topic/508-solution-for-returning-attackers-when-restarting-csf/


CWP has a support wiki on how to upgrade MariaDB also.
The current 2 LTS are 10.11 and 11.4.