Control Web Panel
Security => Mod_Security => Topic started by: Paul on May 05, 2017, 01:42:13 PM
-
Having an issue with my Mod_Security. Says it's installed but I get a 404 on the test. The last 20 lines matching mod_security of the error log are from a few weeks ago. I've tried uninstalling/reinstalling a few times but still get the same thing. I also always get this:
Loaded plugins: fastestmirror, replace
Setting up Update Process
Loading mirror speeds from cached hostfile
* base: www.gtlib.gatech.edu
* extras: www.gtlib.gatech.edu
* rpmforge: mirror.lstn.net
* updates: www.gtlib.gatech.edu
Package(s) cwp-httpd available, but not installed.
No Packages marked for Update
Loaded plugins: fastestmirror, replace
Setting up Reinstall Process
Loading mirror speeds from cached hostfile
* base: www.gtlib.gatech.edu
* extras: www.gtlib.gatech.edu
* rpmforge: mirror.lstn.net
* updates: www.gtlib.gatech.edu
Package(s) cwp-httpd available, but not installed.
Mod Security configuration is: installed [test]
-
try checking that you have the latest version
update cwp
sh /scripts/update_cwp
and then uninstall and again install modsecurity
-
I ran the command. Uninstalled a reinstalled.
CWPpro version: 0.9.8.230
Same thing is happening.
After the page loads for install it ends with an error that disappears after i reload the page.
Reloading httpd: not reloading due to configuration syntax error
[FAILED]
Everything appears to be working apart from mod_security
-
try again update and then remove and install mod_sec
-
After update and reinstall same thing as described before
CWPpro version: 0.9.8.231
-
I tried again with the new release and still the same.
CWPpro version: 0.9.8.233
-
try checking in the apache logs after restart if modsecurity is loaded
tail -f /usr/local/apache/logs/*log
-
Kept getting an error on the apache restart and couldn't get it going:
Starting httpd: httpd: Syntax error on line 507 of /usr/local/apache/conf/httpd.conf: Syntax error on line 5 of /usr/local/apache/conf.d/mod_security.conf: Cannot load modules/mod_security2.so into server: /usr/local/apache/modules/mod_security2.so: undefined symbol: apr_crypto_block_cleanup
[FAILED]
I removed mod_security and the apache went back up by itself.
I ran the command tail -f /usr/local/apache/logs/*log
and the whole webpanel interface locked up. Right now I'm unable to get into any web panel URLs. I have a few domains there that seem to be working ok. I'm going to wait a bit to see what happens.
-
Still unable to access web panel.
With command line i am able to run service cwpsrv restart with OKs
Also run service iptables stop with OKs
Web access to web panel hangs and finally loads 504 Gateway Time-out.
-
Starting httpd: httpd: Syntax error on line 507 of /usr/local/apache/conf/httpd.conf: Syntax error on line 5 of /usr/local/apache/conf.d/mod_security.conf: Cannot load modules/mod_security2.so into server: /usr/local/apache/modules/mod_security2.so: undefined symbol: apr_crypto_block_cleanup
[FAILED]
Reinstall apache/suphp and then again try to install mod_sec
yum reinstall cwp-httpd cwp-suphp
Still unable to access web panel.
With command line i am able to run service cwpsrv restart with OKs
Also run service iptables stop with OKs
Web access to web panel hangs and finally loads 504 Gateway Time-out.
For cwp restart try this command
sh /scripts/restart_cwpsrv
-
I did a reboot of the VPS before I read your reply.
I ran the command "yum reinstall cwp-httpd cwp-suphp" that told me "available but not installed Error nothing to do"
I ran the command "sh /scripts/restart_cwpsrv" all with OKs
Now getting this trying to access panel:
Warning: [obfuscated](): (HY000/2002): No such file or directory in /usr/local/cwpsrv/htdocs/admin/admin/index.php on line 0
Warning: [obfuscated](): (HY000/2002): No such file or directory in /usr/local/cwpsrv/htdocs/admin/admin/index.php on line 0
Trying to start mysql server, please wait!
Try to restart CentOS Web Panel with command: sh /scripts/restart_cwpsrv
**Check your MySQL root password in: /usr/local/cwpsrv/htdocs/resources/admin/include/db_conn.php and /root/.my.cnf
Warning: [obfuscated]() expects exactly 1 parameter, 0 given in /usr/local/cwpsrv/htdocs/admin/admin/index.php on line 0
Could not connect:
-
Today I woke up to the web panel working. :) No changes on my end since yesterday.
Right now I have mod_security uninstalled.
CWPpro version: 0.9.8.233
-
Checked out the error log.
Apart from client access errors to nonexistent wordpress urls there is this or similar that repeats in the error log:
[Sun May 07 17:06:15.034712 2017] [mpm_event:notice] [pid 20557:tid 140027027576640] AH00491: caught SIGTERM, shutting down
[Sun May 07 17:06:16.024503 2017] [ssl:warn] [pid 29539:tid 139780304582464] AH01873: Init: Session Cache is not configured [hint: SSLSessionCache]
[Sun May 07 17:06:16.026328 2017] [mpm_event:notice] [pid 29539:tid 139780304582464] AH00489: Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips configured -- resuming normal operations
[Sun May 07 17:06:16.026374 2017] [core:notice] [pid 29539:tid 139780304582464] AH00094: Command line: '/usr/local/apache/bin/httpd'
[Sun May 07 17:06:32.043102 2017] [mpm_event:notice] [pid 29539:tid 139780304582464] AH00494: SIGHUP received. Attempting to restart
[Sun May 07 17:06:32.059456 2017] [ssl:warn] [pid 29539:tid 139780304582464] AH01873: Init: Session Cache is not configured [hint: SSLSessionCache]
[Sun May 07 17:06:32.061031 2017] [mpm_event:notice] [pid 29539:tid 139780304582464] AH00489: Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips configured -- resuming normal operations
-
ame issue with the latest release:
CWPpro version: 0.9.8.234
Still the same error at the end of install:
Mod Security Successfully Installed
Reloading httpd: not reloading due to configuration syntax error
[FAILED]
Also still 404 on the test instead of 403
-
What's the configuration error?
-
It doesn't say anything more. Would I find the reason elsewhere?
I looked in the error log but didn't say anything about the mod_security install
-
Look in the /usr/local/apache/conf/httpd.conf file to see if the latest update didn't append these lines:
Include /usr/local/apache/conf/sharedip.conf
Include /usr/local/apache/conf.d/*.conf
ExtendedStatus On
Make sure they are not duplicate.
It happened to me today, after the httpd update.
-
No duplication there.
Thanks for the input