Error in Imunify360 ruleset caused Apache to fail to restart

Collapse
X
 
  • Time
  • Show
Clear All
new posts
  • serversonic
    Junior Member
    • Nov 2023
    • 2

    #1

    Error in Imunify360 ruleset caused Apache to fail to restart

    A client's cPanel server was updated to 114.0.11 this morning and was unavailable for 35 minutes after the update had run. In the upcp log the only obvious error I can see is this:

    Code:
    AH00526: Syntax error on line 274 of /etc/apache2/conf.d/modsec_vendor_configs/imunify360-full-apache/006_i360_4_custom.conf:
    Error creating rule: Could not open phrase file "/etc/apache2/conf.d/modsec_vendor_configs/imunify360-full-apache/bl_uri": No such file or directory​
    The error appears to have been backed out, but several logs have no entries from the time of the restart to about 35 minutes later, particularly the root httpd error log, which has otherwise been showing scanning attempts continually, and lfd.log, which suggests that iptables may have also been affected​. I'm not clear yet whether there was some intervention to restart httpd, and I'm asking here because that error is showing that it was related to the Imunify360 ruleset.

    TIA
    Simon
  • alevchenko
    Administrator
    • Mar 2023
    • 86

    #2
    Hi,

    Check if the error message reoccurs when you run
    HTML Code:
    httpd -t
    If it does, you can try to reinstall the ModSecurity ruleset using the following instructions:
    https://cloudlinux.zendesk.com/hc/en...-cPanel-server

    Comment

    • serversonic
      Junior Member
      • Nov 2023
      • 2

      #3
      Hi -

      No it doesn't, and httpd did restart successfully at the next try by chksrvd. It hasn't repeated today, and nor has the outage, so I'm not entirely sure what corrected it.
      Last edited by serversonic; 11-02-2023, 11:12 AM.

      Comment

      Working...