Question: Running aum -u fails with the error and breaks Apache in Plesk
Applicable to:- Plesk Onyx 17.5 for Linux
- Plesk for Linux
Symptoms- ModSecurity is installed on the server.
- Execution of # aum -u gives the following result:
# aum -u
Checking versions ...
ASL version is current: [PASS]
Updating Web Application Firewall to 201704031637: updated [PASS]
-------------------------------------------------------------------
Errors were encountered:
L CODE SOURCE MESSAGES
- ---- ------ --------------------------------------------------------------
2 9901 ASLCommon::cmd_system ERROR: '/bin/cp -af /var/asl/rules/modsec/template-* /var/asl/data/temp[lates/ >/dev/null 2>&1 (1)'
2 9901 ASLCommon::cmd_system ERROR: '/usr/sbin/apachectl -t >/dev/null 2>$1 (1)'
2 601 c_modsec::apply_rules There is a problem with the apache config: [Fri Apr 07 17:09:15.588579 2017] [so:warn] [pid 11445:tid 140533768259648] Ah01574 : module unique_id_module is already loaded, skipping||[Fri Apr 07 17:09:15.629545 2017] [so:warn] [pid 11445:tld 140533768259648] AH01574: module security2_module is already loaded, skipping||AH00526: Syntax error on line 36 of /etc/httpd/conf/modsecurity.d/rules/tortix/modsec/50_plesk_basic_asl_rules.conf:||ModSecurity: Found another rule with the same id
2 601 c_modsec::apply_rules There is a problem with the apache config: Rolling back to the previous update
3 600 c_modsec::apply_rules Errors occured with Apache
- While trying to restart Apache service, it fails with the following error:
# service httpd status
● httpd.service - The Apache HTTP Server
Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled)
Active: failed (Result: exit-code)
Apr 07 17:09:48 server.name httpd[11491]: AH00526: Syntax error on line 36 of /etc/httpd/conf/modsecurity.d/rules/tortix/modsec/50_plesk_basic_asl_rules.conf:
Apr 07 17:09:48 server.name httpd[11491]: ModSecurity: Found another rule with the same id
Apr 07 17:09:48 server.name kill[11493]: kill: cannot find process ""
Hint: Some lines were ellipsized, use -l to show in full.
Causeaum -u creates it's own configuration file /etc/httpd/conf.d/00_mod_security.conf which contains duplicate directives from /etc/httpd/conf.d/security2.conf.
ResolutionNote: aum -u it's a native modsecurity utility to update its rules that must not be executed on Plesk server because Plesk uses its own mechanism to update modsecurity rules.
1.Connect to the server via SSH.
2.Remove all from 00_mod_security.conf
for CentOS/RHEL-based distributions:
# echo "" > /etc/httpd/conf.d/00_mod_security.conf
for Debian/Ubuntu-based distributions:
# echo "" > /etc/apache2/conf.d/00_mod_security.conf
3.Restart Apache:
for CentOS/RHEL-based distributions:
# service httpd restart
for Debian/Ubuntu-based distributions:
# service apache2 restart
4.Create a Plesk database backup.
5.Login to Plesk database:
# plesk db
6.Remove orphaned records from the Configurations table with the following query:
delete from Configurations where status <> 'ok';