Symptoms
The Apache web server (httpd) is unable to start and reports the error messages below.
Syntax error on line 270 of /etc/apache2/conf/httpd.conf:
Syntax error on line 32 of /etc/apache2/conf.d/modsec2.conf:
Syntax error on line 29 of /etc/apache2/conf.d/modsec/modsec2.cpanel.conf:
Could not open configuration file /etc/apache2/conf.d/modsec_vendor_configs/OWASP/crs-setup.conf
Description
If a ModSecurity vendor's configuration files are removed from the Apache configuration while the vendor is still enabled, the Include directives that reference them fail and Apache reports configuration errors in the httpd.conf file. This issue can occur for many reasons, but usually the files are removed accidentally or because of an issue encountered on the server.
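A pre-flight check for the failure described above, as an added example that is not part of the original article or of cPanel's tooling: the function follows active Include directives from a starting file and reports each target that matches nothing on disk. It assumes absolute Include paths without spaces, and the demo tree is constructed sample data.

```shell
#!/bin/sh
# Added example: find Apache "Include" targets that no longer exist on disk.

# list_missing_includes FILE
# Follows active Include directives starting at FILE and prints
# "<file>:<line>: <target>" for each target that matches nothing on disk.
# Assumption: Include paths are absolute and contain no spaces.
list_missing_includes() (
    conf=$1
    [ -r "$conf" ] || exit 0
    # Commented-out lines and IncludeOptional never abort startup, so skip them.
    awk 'tolower($1) == "include" { gsub(/"/, "", $2); print NR, $2 }' "$conf" |
    while read -r lineno target; do
        found=0
        for path in $target; do          # unquoted on purpose: expands wildcards
            [ -e "$path" ] || continue
            found=1
            # Descend into included files; included directories are not walked.
            if [ -f "$path" ]; then list_missing_includes "$path"; fi
        done
        if [ "$found" -eq 0 ]; then
            printf '%s:%s: %s\n' "$conf" "$lineno" "$target"
        fi
    done
)

# demo: builds a constructed three-level Include chain shaped like the one in
# the error messages above, with the innermost rule file missing.
demo() (
    root=$(mktemp -d) || exit 1
    mkdir -p "$root/conf.d/modsec"
    printf 'ServerName example.test\nInclude "%s/conf.d/*.conf"\n' "$root" \
        > "$root/httpd.conf"
    printf '# Include %s/disabled.conf\nInclude %s/conf.d/modsec/vendor.conf\n' \
        "$root" "$root" > "$root/conf.d/modsec2.conf"
    printf 'IncludeOptional %s/optional.conf\nInclude %s/rules/crs-setup.conf\n' \
        "$root" "$root" > "$root/conf.d/modsec/vendor.conf"
    list_missing_includes "$root/httpd.conf" | sed "s|$root|ROOT|g"
    rm -rf "$root"
)

# Run against a real file when a path is given, e.g. /etc/apache2/conf/httpd.conf
if [ "$#" -gt 0 ]; then list_missing_includes "$1"; fi
```

Empty output means every active Include reachable from the starting file resolves to at least one existing path.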
Workaround
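To start Apache, the failing Include line needs to be disabled temporarily. Until it is re-enabled in the final steps, the ModSecurity configuration it loads is not applied.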
- Open the /etc/apache2/conf.d/modsec2.conf file with a text editor like vi, vim, or nano.
- Disable the Include line by adding a "#" at the beginning of the line:
# Include /etc/apache2/conf.d/modsec/modsec2.cpanel.conf
- Restart Apache:
/scripts/restartsrv_httpd
The next step is to get the ModSecurity rules reinstalled. Please note that the next steps assume you're using the ModSecurity rules provided by cPanel.
- Add the "OWASP ModSecurity Core Rule Set V3.0" vendor:
/usr/local/cpanel/scripts/modsec_vendor add http://httpupdate.cpanel.net/modsecurity-rules/meta_OWASP3.yaml
- You will receive output similar to the following:
# /usr/local/cpanel/scripts/modsec_vendor add http://httpupdate.cpanel.net/modsecurity-rules/meta_OWASP3.yaml
info [modsec_vendor] You have added the vendor “OWASP ModSecurity Core Rule Set V3.0”.
[OWASP3] OWASP ModSecurity Core Rule Set V3.0
archive_url http://httpupdate.cpanel.net/modsecurity-rules/OWASP3_1501094486.zip
description SpiderLabs OWASP curated ModSecurity rule set
dist_md5 2697e62531ab49f3907d10049bfc18a0
dist_sha512 cee19f6abb78e52f7ea51a4cfbc3783fa8e60d88f5ae8b959026eeafff4d0d49f0538daf9302c61df26209f28a1eebc0b0e2ddd02036411ab8dae3c2d464f5ef
distribution OWASP3_1501094486
enabled 1
inst_dist OWASP3_1501094486
installed 1
installed_from http://httpupdate.cpanel.net/modsecurity-rules/meta_OWASP3.yaml
is_pkg
meta_vendor_cache_file /var/cpanel/modsec_vendors/meta_OWASP3.cache
meta_yaml_file /var/cpanel/modsec_vendors/meta_OWASP3.yaml
name OWASP ModSecurity Core Rule Set V3.0
path /etc/apache2/conf.d/modsec_vendor_configs/OWASP3
progress_bar
report_url https://www.modsecurity.org/rule_issue_report/cPanel/report/new
supported_versions (12)
vendor_id OWASP3
vendor_url https://go.cpanel.net/modsecurityowasp
- Afterward, the rules can be successfully enabled with the following command.
/usr/local/cpanel/scripts/modsec_vendor enable-configs OWASP3
- Uncomment the disabled line and restart Apache to return ModSecurity to normal operating mode. Edit the file "/etc/apache2/conf.d/modsec2.conf" with vi, vim, or nano, as before, and remove the "#" from the Include line:
Include /etc/apache2/conf.d/modsec/modsec2.cpanel.conf
- After saving the changes, restart Apache one final time.
/scripts/restartsrv_httpd
Everything should be back to normal at this point, and you are all set.
Additional
If the missing file belongs to a third-party vendor, you will need to substitute that vendor in the vendor add command. You can determine the URL to use for the vendor with the /usr/local/cpanel/scripts/modsec_vendor list command. The installed_from line tells you the URL to use with the /usr/local/cpanel/scripts/modsec_vendor add command:
# /usr/local/cpanel/scripts/modsec_vendor list
[OWASP3] OWASP ModSecurity Core Rule Set V3.0
archive_url http://httpupdate.cpanel.net/modsecurity-rules/OWASP3_1501094486.zip
configs (22)
cpanel_provided 1
description SpiderLabs OWASP curated ModSecurity rule set
dist_md5 2697e62531ab49f3907d10049bfc18a0
dist_sha512 cee19f6abb78e52f7ea51a4cfbc3783fa8e60d88f5ae8b959026eeafff4d0d49f0538daf9302c61df26209f28a1eebc0b0e2ddd02036411ab8dae3c2d464f5ef
enabled 1
in_use 22
inst_dist OWASP3_1501094486
installed 1
installed_from http://httpupdate.cpanel.net/modsecurity-rules/meta_OWASP3.yaml
name OWASP ModSecurity Core Rule Set V3.0
path /etc/apache2/conf.d/modsec_vendor_configs/OWASP3
report_url https://www.modsecurity.org/rule_issue_report/cPanel/report/new
supported_versions (12)
update 1
vendor_id OWASP3
vendor_url https://go.cpanel.net/modsecurityowasp
Take note of the vendor_id, and use it in the next command:
/usr/local/cpanel/scripts/modsec_vendor enable-configs $vendor_id