Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

mod_security completely messed up beyond repair

Discussion in 'EasyApache' started by The German, Nov 23, 2016.

Tags:
  1. The German

    The German Registered

    Joined:
    Nov 23, 2016
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    USA
    cPanel Access Level:
    Website Owner
    Suddenly (I assume due to to cpanel automatic update), the complete mod_security configuration is gone and almost all related files are missing.

    1. When trying to save the configuration (Home »Security Center »ModSecurity™ Configuration »Configure Global Directives)
      I get the message here:
      Error: The system could not save your ModSecurity™ settings because of the following error: The system could not save some of the settings.

    2. The vendor management is corrupted as well (Home »Security Center »ModSecurity™ Vendors »Manage Vendors)
      It shows OWASP "This vendor is not installed", when clicking on the "install" button, the only thing that happens is an error message:

      Error: The system experienced the following error when it attempted to install the “OWASP ModSecurity Core Rule Set” vendor: API failure: The system could not validate the new Apache configuration because httpd exited with a nonzero value. Apache produced the following error: httpd: Syntax error on line 219 of /etc/apache2/conf/httpd.conf: Syntax error on line 32mo of /etc/apache2/conf.d/modsec2.conf: Could not open configuration file /etc/apache2/conf.d/modsec/modsec2.user.conf: No such file or directory

      Line 219 in httpd.conf:
      Include "/etc/apache2/conf.d/*.conf"

      Line 32 in modec2.conf:
      Include /etc/apache2/conf.d/modsec/modsec2.cpanel.conf

    3. File /etc/apache2/conf.d/modsec/modsec2.user.conf exists but has a zero byte size
    This is beyond frustrating - everything was working (including cxs!) and now EVERYTHING has been erased and Cpanel is unable to even fix the problem. What a mess...

    Any thoughts?
     
  2. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    16,309
    Likes Received:
    393
    Trophy Points:
    583
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    Please feel free to open a ticket directly to cPanel Technical Support about this for fastest resolution.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. Nathaniel Evans

    Nathaniel Evans Registered

    Joined:
    Jan 10, 2017
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    76
    Location:
    nj
    cPanel Access Level:
    Root Administrator
    Hi. I have the same problem. I recently upgraded to Easy Apache 4 and now I get this--
    Error:The system experienced the following error when it attempted to install the “OWASP ModSecurity Core Rule Set” vendor: API failure: The system could not validate the new Apache configuration because httpd exited with a nonzero value. Apache produced the following error: httpd: Syntax error on line 223 of /etc/apache2/conf/httpd.conf: Syntax error on line 32 of /etc/apache2/conf.d/modsec2.conf: Syntax error on line 28 of /etc/apache2/conf.d/modsec/modsec2.cpanel.conf: Could not open configuration file /etc/apache2/conf.d/modsec_vendor_configs/configserver/00_configserver.conf: No such file or directory

    Please help. What am I doing wrong?
     
  4. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    44,323
    Likes Received:
    1,851
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello @Nathaniel Evans,

    To update, it looks like this issue was addressed via a support ticket with the following commands:

    Code:
    # mkdir /etc/apache2/conf.d/modsec_vendor_configs/configserver
    # touch /etc/apache2/conf.d/modsec_vendor_configs/configserver/00_configserver.conf
    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice