Symptoms
-
Apache cannot be started if ModSecurity is enabled.
-
The following error appears in
/var/log/plesk/panel.logwith the enabled debug logging:ERR [panel] Unable to start service:
Unable to manage service by apache_control_adapter: ('start', 'web').
Error: Jan 13 17:42:26 uknet.eu systemd[1]: Starting The Apache HTTP Server...
httpd[9828]: AH00526: Syntax error on line 24 of /etc/httpd/conf/modsecurity.d/rules/tortix/modsec/tortix_waf.conf:
httpd[9828]: ModSecurity: failed to load IPs from: /etc/asl/whitelist
Could not open ipmatch file "/etc/asl/whitelist": No such file or directory -
aum.x86_64package is missing:# rpm -qa | grep aum
<empty output>
# dpkg -l | grep aum
<empty output>
Cause
Corrupted Modsecurity installation.
Resolution
-
Connect to the server via SSH.
-
Install the missing package:
For RedHat/CentOS:
# yum install aum --enablerepo tortix-common -y
If the step above did not help, install aum manually:
# wget -q -O - https://updates.atomicorp.com/installers/aum | sh
For Debian/Ubuntu:
# wget -q -O - https://www.atomicorp.com/RPM-GPG-KEY.art.txt | apt-key add -
# apt-get update
# apt-get install aum -y
If the above actions did not help consider applying the following workaround:
- Log in to Plesk.
- Go to Tools & Settings > Web Application Firewall (ModSecurity) and enable the web application firewall.
- Set ruleset to any non-atomic ruleset, for example, Comodo and press OK to apply changes.
- After that, again open Tools & Settings > Web Application Firewall (ModSecurity) > Settings tab and switch to the Atomic ruleset.
with