The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

upcp modsecurity apache fails

Discussion in 'EasyApache' started by cbwass, Dec 5, 2005.

  1. cbwass

    cbwass Well-Known Member

    Joined:
    Mar 29, 2002
    Messages:
    148
    Likes Received:
    0
    Trophy Points:
    16
    Apache has failed on two servers right after tonights 'upcp', Something to do with modsecurity, if I disable mosecutity Apache starts OK, I have sent ticket to Cpanel.
    See extract from upcp email:
    ------------------
    cp /usr/src/modsecurity-apache-1.9.1/apache1/mod_security.so /usr/local/apache/libexec/mod_security.so
    chmod 755 /usr/local/apache/libexec/mod_security.so
    cp /usr/local/apache/conf/httpd.conf /usr/local/apache/conf/httpd.conf.bak
    cp /usr/local/apache/conf/httpd.conf.new /usr/local/apache/conf/httpd.conf
    rm /usr/local/apache/conf/httpd.conf.new
    <b>Done</b>
    <b>Editing httpd.conf</b>
    <b>Done</b>
    <b>Copying over default Mod_Security ruleset</b>
    .<b>Done</b>
    .............Syntax error on line 228 of /usr/local/apache/conf/modsec.user.conf:
    Variables OUTPUT and OUTPUT_STATUS are not supported in the Apache 1.x version
    /etc/rc.d/init.d/httpd start: httpd could not be started
    ------------------------
     
  2. Izzee

    Izzee Well-Known Member

    Joined:
    Feb 6, 2004
    Messages:
    469
    Likes Received:
    0
    Trophy Points:
    16
    Edit usr/local/apache/conf/modsec.user.conf line 228 and comment out the line.

    Also comment out any other line that has OUTPUT or OUTPUT_STATUS and all will be jake.

    Example:
    SecFilterSelective OUTPUT "Fatal error:"
    to:
    #SecFilterSelective OUTPUT "Fatal error:"

    These are only supported by Apache 2.

    Then restart the httpd server.

    This can be done in WHM also.
    :)
     
    #2 Izzee, Dec 5, 2005
    Last edited: Dec 5, 2005
  3. cbwass

    cbwass Well-Known Member

    Joined:
    Mar 29, 2002
    Messages:
    148
    Likes Received:
    0
    Trophy Points:
    16
    Ok, that works now thanks.
     
  4. Izzee

    Izzee Well-Known Member

    Joined:
    Feb 6, 2004
    Messages:
    469
    Likes Received:
    0
    Trophy Points:
    16
    Thats good. :)

    If you edit the httpd.conf and you wish to check that the syntax is correct and that it won't prevent the server from restarting, from shell:
    /usr/local/apache/bin/apachectl configtest

    This will give error like above with the fault and the line number.

    Very useful if you tweak or keep having the achey-breakey nightly update nightmares.
    :)
     
Loading...

Share This Page