Plesk & SocialBee have teamed up. Save 30% now!

Get the Deal

Knowledge Base

Apache can not be started on a Plesk server: ModSecurity: Problems loading external resources

 
apachefirewallhttpslinuxphp

Symptoms

  • Apache can not be started on the Plesk Server.

  • One of the following errors can be present:

    • In Tools & Settings > Web Application Firewall (ModSecurity) > Settings tab:

      Failed to update the ModSecurity rule set: modsecurity_ctl failed: The ruleset were not installed Command '['/var/asl/bin/aum', '-uf']' returned non-zero exit status 3.
      Output:
      Checking versions ...
      -------------------------------------------------------------------------------
      Errors were encountered:
      L CODE SOURCE MESSAGE
      - ---- ----------------------------- ------------------------------------------
      [0;33m2 9901 ASLCommon::cmd_exec ERROR: '(7) /usr/bin/curl -A "Atomic Updater Modified (4.0)" -s -f --connect-timeout 10 --data "member=interdomain&license=&product=asl-4.0&from_web=1&system_type=webserver&act=2" https://updates.atomicorp.com/pgui_v/rpc4.0.php -- '
      [0m[0;33m2 9998 ASLValidate::_send_request validation error: 7
      [0m[0;33m2 9999 ASLValidate::validate_asl Bad data from request
      [0m[0;33m2 302 Core::distributed_update remote fail: E_CONNECT 7 .. www6.atomicorp.com/channels/rules/VERSION
      [0m[0;33m2 302 Core::distributed_update remote fail: E_CONNECT 7 .. www3.atomicorp.com/channels/rules/VERSION
      [0m[0;33m2 302 Core::distributed_update remote fail: E_CONNECT 7 .. www4.atomicorp.com/channels/rules/VERSION
      [0m[0;33m2 302 Core::distributed_update remote fail: E_CONNECT 7 .. www5.atomicorp.com/channels/rules/VERSION
      [0m[0;33m2 302 Core::distributed_update remote fail: E_CONNECT 7 .. www2.atomicorp.com/channels/rules/VERSION
      [0m[1;31m3 301 Core::check_versions ASL Version list could not be retrieved.
      [0m172.17.0.1
      172.16.3.21
      172.16.3.22
      127.0.0.1

    • The error below may appear in the /var/log/httpd/error_log:

      ModSecurity: Loaded 0 rules from: 'https://updates.atomicorp.com/channels/rules/installers/indicators.conf'.
      ModSecurity: Problems loading external resources: Failed to download: "https://updates.atomicorp.com/channels/rules/installers/indicators.conf" error: Couldn't connect to server.

    • Atomic Standard ruleset can not be enabled in Tools & Settings > Web Application Firewall (ModSecurity) with:

      modsecurity_ctl failed: Failed to download tortix rule set.

Cause

Temporary issue on Atomic side with the Atomic rulesets in ModSecurity. It led to the Apache service timeout to be exceeded.

Resolution

The issue was resolved by Atomicorp. If required, switch the ruleset back to Atomic in Tools & Settings > Web Application Firewall (ModSecurity).

If the workaround for Atomic Secured Linux extension was applied earlier

  1. Connect to the server via SSH.

  2. Execute the command below to rename the ModSecurity configuration file back:

    # mv /etc/httpd/conf.d/00_mod_security.conf1 /etc/httpd/conf.d/00_mod_security.conf

Read the full article
Related Posts
Knowledge Base

Hosting Wiki

Industry
Partners

industry-partner_ALIBABA
industry-partner_GOOGLEPARTNER
industry-partner_MICROSOFT
industry-partner_REDHAT-r2
industry-partner_ALIBABA
industry-partner_AUTOMATTIC
industry-partner_AWS
industry-partner_DIGITALOCEAN
industry-partner_SCALEWAY

Follow us:

Facebook Twitter Linkedin Youtube Github

© 2024 WebPros International GmbH. All rights reserved. Plesk and the Plesk logo are trademarks of WebPros International GmbH.

Managed with love with Plesk WP Toolkit