
Mod_security fail after provision


  • fuzzylogic
    I would most highly suspect a syntax error in a mod-security rule. I would most highly suspect the syntax error to be in a user supplied custom rule. To test, on the old Apache build, disable all custom rules, then disable all entire rule-sets. Then rebuild Apache with mod_security2 included. If this succeeds, re-enable your custom rules one at a time being sure to Deploy and Restart Apache with each new rule. The syntax error will be reported to the GUI on any restart failure isolating the faulty rule. If all custom rules save and restart Apache without error then move on to re-enabling each rule set one at a time until an error is encountered.
  • dahu
    "To test, on the old Apache build, disable all custom rules, then disable all entire rule-sets." Where can I find the old config or the old rules? No modsec2 files found.
  • cPanelLauren
    So all that's present in the file is an IfModule by default:
        # Mod Security requires Apache's mod_unique_id to operate

        LoadModule security2_module modules/mod_security2.so
    What is the output of the following:
        rpm -qa |egrep 'libssh|libcurl|mod_sec'
  • dahu
        # rpm -qa |egrep 'libssh|libcurl|mod_sec'
        libssh2-1.4.3-12.el7_6.3.x86_64
        libcurl-7.29.0-51.el7_6.3.x86_64
        libssh2-devel-1.4.3-12.el7_6.3.x86_64
        ea-libcurl-7.68.0-1.1.2.cpanel.x86_64
  • dahu
    "So all that's present in the file"

    The file /etc/apache2/httpd.conf? If yes, I didn't find the IfModule mod_unique_id, maybe because, to get my server still running, I built without modsecurity and so without modunique?
  • cPanelLauren
    You don't have the mod security package installed that's necessary for mod_security2. Can you let me know if you're able to install it with the following:
        yum -y install ea-apache24-mod_security2
  • fuzzylogic
    After further investigation, it seems unlikely that the first error message posted would be caused by a mod-security rule syntax error. This fragment of the error text has been discussed in various forums on the internet:
        libcurl.so.4: undefined symbol: libssh2_scp_recv2
    In most cases it seems to be related to dynamic linking of libraries, especially in the build process using curl:
      • Problem with version of curl (in 2017 - should be fixed by now)
      • Old/broken curl package pulled in (from a path with higher priority)
      • LD_LIBRARY_PATH being set when it should not be. To check if LD_LIBRARY_PATH is set, run:
            echo $LD_LIBRARY_PATH
        If unset it will return blank. If set it will return a path.
    Talking about dynamic linking and the build process is way above my pay grade. These are just suggestions for others to think about when troubleshooting. Over and Out.
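An added diagnostic sketch, not part of the thread and not cPanel's own tooling, for the `undefined symbol` error and the LD_LIBRARY_PATH check discussed above: it finds which libssh2 the loader resolves for a given libcurl and tests whether that library exports the symbol named in the error. The libcurl path passed to `check_libcurl` is an assumption supplied by the caller, and the sample `ldd`/`nm` output is constructed.

```shell
#!/bin/sh
# Added example, not from the thread. Sample data below is constructed.

# Read `ldd` output on stdin; print the path the loader resolved for the
# dependency whose soname starts with $1 (prints nothing if "not found").
resolved_dep() {
  awk -v dep="$1" 'index($1, dep) == 1 && $2 == "=>" && $3 != "not" { print $3; exit }'
}

# Read `nm -D --defined-only` output on stdin; succeed only if symbol $1 is
# exported (a version suffix such as @@LIBSSH2_1 is ignored).
exports_symbol() {
  awk -v sym="$1" '{ n = $NF; sub(/@.*/, "", n); if (n == sym) found = 1 }
                   END { exit !found }'
}

# Live check: $1 = path to libcurl.so.4 (assumption: supplied by the caller),
# $2 = symbol from the error message. Needs ldd and nm (binutils).
check_libcurl() {
  if [ -n "${LD_LIBRARY_PATH:-}" ]; then
    echo "note: LD_LIBRARY_PATH is set to: $LD_LIBRARY_PATH"
  fi
  dep=$(ldd "$1" | resolved_dep libssh2.so)
  if [ -z "$dep" ]; then echo "libssh2 not resolved for $1"; return 2; fi
  if nm -D --defined-only "$dep" | exports_symbol "$2"; then
    echo "ok: $dep exports $2"
  else
    echo "mismatch: $dep does not export $2"; return 1
  fi
}

# Constructed sample input (illustrative paths and addresses).
SAMPLE_LDD='	libssl.so.10 => /lib64/libssl.so.10 (0x00007f0000000000)
	libssh2.so.1 => /usr/lib64/libssh2.so.1 (0x00007f0000100000)'
SAMPLE_NM_WITHOUT='0000000000012340 T libssh2_scp_recv
0000000000012900 T libssh2_scp_send64'
SAMPLE_NM_WITH="$SAMPLE_NM_WITHOUT
0000000000012a00 T libssh2_scp_recv2"
```

On a live host, call `check_libcurl` with the path of the libcurl.so.4 that Apache actually loads and the symbol `libssh2_scp_recv2`; a "mismatch" result means the libssh2 found first on the loader's search path does not provide what that libcurl was built against.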
  • dahu
    I opened a support ticket, then support looked at my server and asked me to update my Curl, and then the provision was successful.
