Skip to main content

Apache Fails With "Syntax error on line ## of /etc/apache2/conf.d/modsec_vendor_configs/imunify360-(full-OR-minimal)-apache/$FILENAME" Error

Ehsan Dowlatshah
  • Updated

Symptoms

When checking the status of httpd service, you will see the following error: 

[root@server ~]# systemctl status httpd -l

● httpd.service - Apache web server managed by cPanel EasyApache
Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled)
Active: failed (Result: exit-code) since Fri 2021-03-19 06:35:20 CDT; 12s ago
Process: 7716 ExecStop=/usr/local/cpanel/scripts/restartsrv_httpd stop --no-verbose (code=exited, status=0/SUCCESS)
Process: 7723 ExecStart=/usr/local/cpanel/scripts/restartsrv_httpd --no-verbose (code=exited, status=1/FAILURE)
Main PID: 32363 (code=exited, status=0/SUCCESS)

Mar 19 06:35:19 server.domain.tld systemd[1]: Stopped Apache web server managed by cPanel EasyApache.
Mar 19 06:35:19 server.domain.tld systemd[1]: Starting Apache web server managed by cPanel EasyApache...
Mar 19 06:35:20 server.domain.tld restartsrv_httpd[7723]: AH00526: Syntax error on line 41 of /etc/apache2/conf.d/modsec_vendor_configs/imunify360-full-apache/004_i360_4_custom.conf:
Mar 19 06:35:20 server.domain.tld restartsrv_httpd[7723]: Error creating rule: Could not open phrase file "/etc/apache2/conf.d/modsec_vendor_configs/imunify360-full-apache/userdata_dirb_URLs.data": No such file or directory
Mar 19 06:35:20 server.domain.tld systemd[1]: httpd.service: control process exited, code=exited status=1
Mar 19 06:35:20 server.domain.tld systemd[1]: Failed to start Apache web server managed by cPanel EasyApache.
Mar 19 06:35:20 server.domain.tld systemd[1]: Unit httpd.service entered failed state.
Mar 19 06:35:20 server.domain.tld systemd[1]: httpd.service failed.

The same information can be seen when rebuilding Apache's configuration:

[root@server ~]# /scripts/rebuildhttpdconf

Initial configuration generation failed with the following message:

The “/usr/sbin/httpd -DSSL -t -f /etc/apache2/conf/httpd.conf.work.6ebe700b.cfgcheck -C Include "/etc/apache2/conf.modules.d/*.conf"” command (process 28745) reported error number 1 when it ended.
Configuration problem detected on line 40 of file /etc/apache2/conf.d/modsec_vendor_configs/imunify360-full-apache/004_i360_4_custom.conf: Error creating rule: Could not open phrase file "/etc/apache2/conf.d/modsec_vendor_configs/imunify360-full-apache/userdata_dirb_URLs.data": No such file or directory

--- /etc/apache2/conf.d/modsec_vendor_configs/imunify360-full-apache/004_i360_4_custom.conf ---

Descriptions

This usually suggests that a file associated with Imunify360 ModSecurity Rules For Apache is missing. The file's name and the type of the ruleset are usually reported in the error. For instance, in the error above, the missing file is userdata_dirb_URLs.data, and also the Imunify360 ModSecurity Rulest is the full version and not the minimal version:

/etc/apache2/conf.d/modsec_vendor_configs/imunify360-full-apache/userdata_dirb_URLs.data

Workaround

You should be able to get around this error by reinstalling the problematic ruleset. Here is how it's done:

  1. Find the vendor and the vendor ID of the ModSecurity ruleset package that the missing file belongs to. 
    [root@server ~]# whmapi1 modsec_get_vendors | grep -i vendor_id | uniq -u

    vendor_id: OWASP3
    vendor_id: imunify360-minimal-apache
    vendor_id: imunify360-full-apache>
  2. Remove the ruleset entirely. 
    [root@server ~]# whmapi1 modsec_remove_vendor vendor_id=imunify360-full-apache

    ---
    data: {}

    metadata:
      command: modsec_remove_vendor
      reason: OK
      result: 1
      version: 1
  3. Reinstall the missing ruleset with the following command. 
    [root@server ~]# whmapi1 modsec_add_vendor url=https://files.imunify360.com/static/modsec/v2/meta_imunify360-full-apache.yaml


    ---
    data:
    archive_url: https://files.imunify360.com/static/modsec/v2/imunify360-full-apache.zip
    cpanel_provided: 0
    description: Imunify360 ModSecurity Rules For Apache
    dist_md5: 24379ff57a11d8507bab0e2658dc7604
    dist_sha512: 9519a81f7933a3efe9c39fd17e8fe9a2c29896a3ad445a27badfc9b4811dc98ae9d1b81752c940635ab8a5af3d115c4bf3663f9225948f08b8068ae23e9db315
    enabled: 1
    inst_dist: imunify360-full-apache-3.72-stable
    installed: 1
    installed_from: https://files.imunify360.com/static/modsec/v2/meta_imunify360-full-apache.yaml
    name: Imunify360 Apache Rule Set
    path: /etc/apache2/conf.d/modsec_vendor_configs/imunify360-full-apache
    supported_versions:
    - 2.7.5
    - 2.7.7
    - 2.8.0
    - 2.9.0
    - 2.9.1
    - 2.9.2
    - 2.9.3
    - 3.0.4
    vendor_id: imunify360-full-apache
    vendor_url: https://docs.imunify360.com/
    metadata:
    command: modsec_add_vendor
    reason: OK
    result: 1
    version: 1

    Note: These are the URLs for the YAML files for both versions of Imunify360 ModSecurity Rules For Apache (Full and minimal), so in the above command, you need to replace the URL with whatever version you wish to install.

    https://files.imunify360.com/static/modsec/v2/meta_imunify360-full-apache.yaml

    https://files.imunify360.com/static/modsec/v2/meta_imunify360-minimal-apache.yaml

    If your server runs LiteSpeed instead of Apache, you will have to use one of the Imunify360 ModSecurity Rules For LiteSpeed (Full and minimal) URLs below.

    https://files.imunify360.com/static/modsec/v2/meta_imunify360-minimal-litespeed.yaml

    https://files.imunify360.com/static/modsec/v2/meta_imunify360-full-litespeed.yaml

  4. Enable the newly installed ruleset. 
    [root@server ~]# whmapi1 modsec_enable_vendor vendor_id=imunify360-full-apache

    ---
    data: {}

    metadata:
    command: modsec_enable_vendor
    reason: OK
    result: 1
    version: 1
  5. Rebuild the Apache configuration files. 
    /scripts/rebuildhttpdconf
  6. Restart Apache. 
    systemctl restart httpd

Related articles