ASL is one of the best Security Softwares From AtomiCorp for Linux Servers that protects server from known Vulnarablity that has so many security modules built into it from protecting  the web application vulnerability to Kernel Level vulnerability protection,

Today I noticed the folloing Error while I was trying to rebuild Apache configuration using the Cpanel built-in scripts

/scripts/rebuildhttpdconf

but it threw the following error that was absolutely related to the modsecurity rulesets provided by atomicrop’s ASL software

[root@box1 ~]# /scripts/rebuildhttpdconf
info [rebuildhttpdconf] 'local' template in use (/var/cpanel/templates/apache2/main.local)
Initial configuration generation failed with the following message:

An error occurred while running: /usr/local/apache/bin/httpd -DSSL -t -f /usr/local/apache/conf/httpd.conf.work.5jJL0oM5Hk_YnQqk
Exit signal was: 0
Exit value was: 1
Output was:
---
[Mon Dec 17 00:44:31 2012] [warn] module sed_module is already loaded, skipping
[Mon Dec 17 00:44:31 2012] [warn] module security2_module is already loaded, skipping
Syntax error on line 36 of /usr/local/apache/modsecurity.d/00_asl_z_antievasion.conf:
ModSecurity: Found another rule with the same id
---

Rebuilding configuration without any local modifications.

Failed to generate a syntactically correct Apache configuration.
Bad configuration file located at /usr/local/apache/conf/httpd.conf.work.5jJL0oM5Hk_YnQqk
Error:
An error occurred while running: /usr/local/apache/bin/httpd -DSSL -t -f /usr/local/apache/conf/httpd.conf.work.5jJL0oM5Hk_YnQqk
Exit signal was: 0
Exit value was: 1
Output was:
---
[Mon Dec 17 00:44:32 2012] [warn] module sed_module is already loaded, skipping
[Mon Dec 17 00:44:32 2012] [warn] module security2_module is already loaded, skipping
Syntax error on line 36 of /usr/local/apache/modsecurity.d/00_asl_z_antievasion.conf:
ModSecurity: Found another rule with the same id
---

I diged further to find out what it really cause the problem, I read all the apache httpd.conf configuration and find out that this

Include /etc/httpd/conf.d/*.conf

has been included twice both on the very first of the httpd.conf and also included a little lines after.

Since apache configuration httpd.conf is being built by the Cpanel Template When it is installed and compiled via cpanel so it just needed to edit the Cpanel Apache Configuration template from where the httpd.conf is being rebuilt upon through the /scripts/rebuildhttpd.conf

so I went ahead and edited the Cpanel TEmplate which is /var/cpanel/templates/apache2/main.local

 nano /var/cpanel/templates/apache2/main.local

It was looks like this

Include /etc/httpd/conf.d/*.conf
# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
#   Direct modifications to the Apache configuration file may be lost upon subsequent regeneration of the       #
#   configuration file. To have modifications retained, all modifications must be checked into the              #
#   configuration system by running:                                                                            #
#       /usr/local/cpanel/bin/apache_conf_distiller --update                                                    #
#   To see if your changes will be conserved, regenerate the Apache configuration file by running:              #
#       /usr/local/cpanel/bin/build_apache_conf                                                                 #
#   and check the configuration file for your alterations. If your changes have been ignored, then they will    #
#   need to be added directly to their respective template files.                                               #
#                                                                                                               #
#   It is also possible to add custom directives to the various "Include" files loaded by this httpd.conf       #
#   For detailed instructions on using Include files and the apache_conf_distiller with the new configuration   #
#   system refer to the documentation at: http://www.cpanel.net/support/docs/ea/ea3/customdirectives.html       #
#                                                                                                               #
#   This configuration file was built from the following templates:                                             #
#     /var/cpanel/templates/apache2/main.default                                                                #
#     /var/cpanel/templates/apache2/main.local                                                                  #
#     /var/cpanel/templates/apache2/vhost.default                                                               #
#     /var/cpanel/templates/apache2/vhost.local                                                                 #
#     /var/cpanel/templates/apache2/ssl_vhost.default                                                           #
#     /var/cpanel/templates/apache2/ssl_vhost.local                                                             #
#                                                                                                               #
#  Templates with the '.local' extension will be preferred over templates with the '.default' extension.        #
#  The only template updated by the apache_conf_distiller is main.default.                                      #
# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #

Then Removed the extra included /etc/httpd/conf.d/*.conf from the very beginning of this template configuration file

Then Saved and Closed that file using nano

Ran /scripts/rebuildhttpd.conf once again

[root@box1 ~]# /scripts/rebuildhttpdconf
info [rebuildhttpdconf] 'local' template in use (/var/cpanel/templates/apache2/main.local)
Built /usr/local/apache/conf/httpd.conf OK
[root@box1 ~]#

As you can see from the above apache configuration file httpd.conf was being successfully rebuilt from the Cpanel Template and every things get back to normal 🙂

Thanks

Voshka Niknam

/var/cpanel/templates/apache2/main.local

1 COMMENT

  1. whoah this weblog is excellent i love studying your articles.
    Keep up the great work! You know, a lot of people are hunting around for this information, you
    could aid them greatly.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.