Issue
The following error occurs when trying to run the modsec_set_setting command:
ERROR [2020-07-01 11:54:07,272] im360.subsys.panels.cpanel.mod_security: whmapi modsec_set_setting command failed:
The system could not validate the new Apache configuration because httpd exited with a nonzero value. Apache produced the following error:
httpd: Syntax error on line 268 of /etc/apache2/conf/httpd.conf: Syntax error on line 32 of /etc/apache2/conf.d/modsec2.conf:
Syntax error on line 29 of /etc/apache2/conf.d/modsec/modsec2.cpanel.conf: Could not open configuration file /etc/apache2/conf.d/modsec_vendor_configs/imunify360-full-apache/000_i360_0.conf: No such file or directory
Or the next error occurs in Imunify360 error.log:
WARNING [2021-12-13 21:55:51,465] im360.subsys.panels.update_hooks: Can't update
ip-record.db, reason: [Errno 2] No such file or directory:
'/etc/apache2/conf.d/modsec_vendor_configs/imunify360-full-litespeed/ip-record.db'
Environment
- Imunify360
- ModSecurity
- WHM/cPanel
- Any OS
Solution
- Remove Imunify360 vendor ruleset
- Backup the datastore
- Install Imunify360 vendor
- Check the Apache configuration
- Restart webserver
- Test the Imunify360 ruleset
1. Remove Imunify360 vendor ruleset
Check if the server has other syntax errors.
httpd -t
Possible syntax errors should be resolved. Otherwise, this may make it impossible to delete the IM360 ruleset.
Then, remove the Imunify360 vendor ruleset by running the following command:
# imunify360-agent uninstall-vendors
Note: If the command fails with an error like the following:
# imunify360-agent uninstall-vendors
OK
Sentry is attempting to send 1 pending error messages
Waiting up to 2.0 seconds
Try to remove the ruleset using cPanel tools (change the imunify360-full-apache with installed ruleset):
# /scripts/modsec_vendor remove imunify360-full-apache
2. Backup the datastore
Backup the datastore by running the following command:
# mv /var/cpanel/modsec_cpanel_conf_datastore /var/cpanel/_modsec_cpanel_conf_datastore_bck
# mv /var/cpanel/modsec_cpanel_conf_datastore.cache /var/cpanel/_modsec_cpanel_conf_datastore_cache_bck
3. Install Imunify360 vendor
Install Imunify360 vendor by running the following command:
# imunify360-agent install-vendors
4. Check the Apache configuration
Install the Apache configuration by running the following commands:
# httpd -t
# apachectl configtest
5. Restart web server
Restart web server by running the following command:
# /scripts/restartsrv_httpd
Check the ruleset has been installed by running the following command (it will list the Imunify360 ruleset):
/scripts/modsec_vendor list
6. Test the Imunify360 ruleset
Test the Imunify360 ruleset by running the following command:
# curl -k -I -L -s -w "%{http_code}" 'http://mycoolwebsite.net//?i360test=88ff0adf94a190b9d1311c8b50fe2891c85af732'
It should return 406 or 403 (in some cases) status code:
HTTP/1.1 406 Forbidden
Date: Tue, 13 Jul 2021 14:13:38 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Type: text/html
Comments
0 comments
Please sign in to leave a comment.