Apache PCI compliant settings cause services to stop

[bulewold]

This may be a dumb question but when I was trying to change some settings under apache configuration -> global and changed few settings to PCI recommended, following another instruction page I found to make server more secure.... after clicking submit, it stopped all my web service.

My guess is that when I change any settings on apache, it forgets all current web server settings and I have to reset it (or way to restore?) in order for my websites to work again, right?

Little insight on this would be helpful. Thank you.

 

[cPanelTristan]

Hello bulewold,

I've moved this to a new thread to ensure this topic has its own discussion.

Apache does rebuild and restart during the process of changing settings in WHM's Apache Configuration >> Global Configuration area, but websites and Apache services should start after a short rebuild and restart process. Can you tail the Apache error log next time you try to do this and post the results? The error log is at /usr/local/apache/logs/error_log location, and this is the command to use to tail it:

tail -fn0 /usr/local/apache/logs/error_log

Please try to load your site after the Apache configuration area shows a successful restart from the Global Configuration changes. This way we can see what is happening.

Of note, all current settings are not forgotten on saving the Global Configuration area. Apache updates the settings you choose to update, but any settings that are not changed would remain the same. Changing the server to be PCI compliant would really only cause a possible issue if you are using CentOS 5, since it won't support the newer cipher protocols that might be needed for better security.

Thanks!

 

[bulewold]

Yup, happened again. Everything worked fine. I did make some changes like rebuilding apache with new profile but I tested everything was working fine afterwards.

I then followed security checklist and changed 'Server Signature' from on to off under Apache global settings to PCI recommended settings, NOTHING ELSE and I noticed all the websites are down.

I even tried rebuildling it using profile and restarting server but did not work.
Here's what I got from error log.

[Sun Feb 08 22:41:06.374194 2015] [:error] [pid 1219] [client 66.249.67.83:59763] SecurityException in Application.cpp:186: Do not have root privileges. Executable not set-uid root?
[Sun Feb 08 22:41:06.374258 2015] [core:error] [pid 1219] [client 66.249.67.83:59763] End of script output before headers: index.php
[Sun Feb 08 22:41:06.376822 2015] [:error] [pid 1219] [client 66.249.67.83:59763] SecurityException in Application.cpp:186: Do not have root privileges. Executable not set-uid root?
[Sun Feb 08 22:41:06.376858 2015] [core:error] [pid 1219] [client 66.249.67.83:59763] End of script output before headers: index.php

As you mentioned, simply changing settings to PCI recommende settings shouldn't make server to crash but I'm getting 500 internal server error and nothing is working on my WP sites.
Now, it does however load HTML only site.

 

[bulewold]

Ok, this has been resolved. For whatever reason when I did it today with Godaddy on the line, it did not happen. I also noticed that Server Signature is off this time which was different. I think through system restore, it somehow got fixed.... Weird.....