Symptoms
-
One of the following error messages is shown on the Home page in Plesk:
New configuration files for the Apache web server were not created due to the errors in configuration templates: [so:warn] [pid 55597:tid 140252507555968] AH01574: module unique_id_module is already loaded, skipping
httpd: Syntax error on line 353 of /etc/httpd/conf/httpd.conf: Syntax error on line 13 of /etc/httpd/conf.d/00_mod_security.conf: No matches for the wildcard '00*exclude.conf' in '/etc/httpd/modsecurity.d', failing (use IncludeOptional if required).
New configuration files for the Apache web server were not created due to the errors in configuration templates: [Wed Mar 21 12:25:31 2018] [warn] module security2_module is already loaded, skipping [Wed Mar 21 12:25:31 2018] [warn] module unique_id_module is already loaded, skipping Syntax error on line 35 of /etc/apache2/modsecurity.d/rules/tortix/modsec/50_plesk_basic_asl_rules.conf: ModSecurity: Found another rule with the same id .
-
Apache configuration checker reports one or both of the warnings below ("httpd -t" for CentOS/RHEL-based distributions, "apache2 -t" for Debian/Ubuntu-based distributions):
# httpd -t
[warn] module security2_module is already loaded, skipping
[warn] module unique_id_module is already loaded, skipping -
In some cases, Apache cannot be started.
Cause
The ModSecurity configuration file 00_mod_security.conf contains duplicated records.
Resolution
-
Connect to the Plesk server via SSH.
-
Open the file
00_mod_security.confin a text editor. In this example, we are using the vi editor:# vi /etc/httpd/conf.d/00_mod_security.conf
-
Replace "Include" in the lines:
Include modsecurity.d/00*exclude.conf
Include modsecurity.d/*asl*.conf
Include modsecurity.d/99*exclude.confwith "IncludeOptional":
IncludeOptional modsecurity.d/00*exclude.conf
IncludeOptional modsecurity.d/*asl*.conf
IncludeOptional modsecurity.d/99*exclude.conf -
Save the changes and close the file.
-
Locate duplicated ModSecurity modules and disable them:
# grep -ir security2_module /etc/httpd/ && grep -ir unique_id_module /etc/httpd/
In case there is a module which is enabled twice in the output above, for example:
/etc/httpd/conf.modules.d/00-base.conf:LoadModule unique_id_module modules/mod_unique_id.so
/etc/httpd/conf.modules.d/10-mod_security.conf: LoadModule unique_id_module modules/mod_unique_id.sodisable it by putting a # (hash) character at the beginning of the line in the file
00_mod_security.conf:#LoadModule security2_module ...
#LoadModule unique_id_module ... -
Restart Apache:
# service httpd restart
-
Repair web-server configuration:
# plesk repair web -y
-
Go to Tools & Settings > Web Application Firewall (ModSecurity) > Settings tab and click OK to refresh ModSecurity settings.
-
Connect to the Plesk server via SSH.
-
Open the file
00_mod_security.confin a text editor. In this example, we are using the vi editor:# vi /etc/apache2/conf.d/00_mod_security.conf
-
Replace "Include" in the lines:
Include modsecurity.d/00*exclude.conf
Include modsecurity.d/*asl*.conf
Include modsecurity.d/99*exclude.confwith "IncludeOptional":
IncludeOptional modsecurity.d/00*exclude.conf
IncludeOptional modsecurity…
with