nginx_apache problem with modsecurity

shanky

Verified User
Joined
Dec 7, 2007
Messages
88
Hi

Server has problem with domains don't work properly on nginx_apache with modsecurity.

New installation of DA nginx_apache with modsecurity are properly. Anyway, when open any domains hosted here always have errors:

divi.jpg
Extra.jpg
test-folder.jpg

Errors on nginx.

2018/10/29 20:31:21 [alert] 9494#0: worker process 23168 exited on signal 11
2018/10/29 20:31:35 [alert] 9494#0: worker process 23170 exited on signal 11
2018/10/29 20:31:36 [alert] 9494#0: worker process 23169 exited on signal 11
2018/10/29 20:31:50 [alert] 9494#0: worker process 23172 exited on signal 11
2018/10/29 20:32:05 [alert] 9494#0: worker process 23171 exited on signal 11
2018/10/29 20:32:06 [alert] 9494#0: worker process 23173 exited on signal 11

I have modify nginx.conf as in https://help.directadmin.com/item.php?id=542

i /var/log/httpd/domains/bangkokalways.com.error.log
[root@stablenok private_html]# vi + /var/log/nginx/error_log
[root@stablenok private_html]# nano /etc/nginx/nginx-defaults.conf
[root@stablenok private_html]# systemctl reload nginx

But errors are still existed. nginx config is changed to the original now.

I think problem may come from modsecurity but I don't know how to fix it.

Please advice.

Thanks
 
Hi,

Same problem here after last night:

Code:
Oct 30 07:32:02 srv kernel: nginx[3211]: segfault at d8 ip 000000000046387c sp 00007ffe919aee70 error 4 in nginx[400000+1b7000]
Oct 30 07:32:03 srv kernel: nginx[3224]: segfault at d8 ip 000000000046387c sp 00007ffe919aee70 error 4 in nginx[400000+1b7000]
Oct 30 07:32:14 srv kernel: nginx[3225]: segfault at d8 ip 000000000046387c sp 00007ffe919aee70 error 4 in nginx[400000+1b7000]
Oct 30 07:32:20 srv kernel: nginx[3212]: segfault at d8 ip 000000000046387c sp 00007ffe919aee70 error 4 in nginx[400000+1b7000]
Oct 30 07:32:21 srv kernel: nginx[3241]: segfault at d8 ip 000000000046387c sp 00007ffe919aee70 error 4 in nginx[400000+1b7000]
Oct 30 07:32:29 srv kernel: nginx[3245]: segfault at d8 ip 000000000046387c sp 00007ffe919aee40 error 4 in nginx[400000+1b7000]
Oct 30 07:32:34 srv kernel: nginx[3244]: segfault at d8 ip 000000000046387c sp 00007ffe919aee70 error 4 in nginx[400000+1b7000]
Oct 30 07:32:34 srv kernel: nginx[4648]: segfault at d8 ip 000000000046387c sp 00007ffe919aee70 error 4 in nginx[400000+1b7000]
Oct 30 07:33:29 srv kernel: nginx[5563]: segfault at d8 ip 000000000046387c sp 00007ffe919aee40 error 4 in nginx[400000+1b7000]
Oct 30 07:33:31 srv kernel: nginx[12386]: segfault at d8 ip 000000000046387c sp 00007ffe919aee70 error 4 in nginx[400000+1b7000]
Oct 30 07:33:38 srv kernel: nginx[12834]: segfault at d8 ip 000000000046387c sp 00007ffe919aee70 error 4 in nginx[400000+1b7000]
Oct 30 07:33:41 srv kernel: nginx[5701]: segfault at d8 ip 000000000046387c sp 00007ffe919aee70 error 4 in nginx[400000+1b7000]
Oct 30 07:33:41 srv kernel: nginx[14973]: segfault at d8 ip 000000000046387c sp 00007ffe919aee70 error 4 in nginx[400000+1b7000]
Oct 30 07:33:51 srv kernel: nginx[15047]: segfault at d8 ip 000000000046387c sp 00007ffe919aee70 error 4 in nginx[400000+1b7000]
Oct 30 07:34:24 srv kernel: nginx[14279]: segfault at d8 ip 000000000046387c sp 00007ffe919aee70 error 4 in nginx[400000+1b7000]
Oct 30 07:34:24 srv kernel: nginx[16425]: segfault at d8 ip 000000000046387c sp 00007ffe919aee70 error 4 in nginx[400000+1b7000]
Oct 30 07:34:29 srv kernel: nginx[21977]: segfault at d8 ip 000000000046387c sp 00007ffe919aee40 error 4 in nginx[400000+1b7000]
Oct 30 07:34:30 srv kernel: nginx[22684]: segfault at d8 ip 000000000046387c sp 00007ffe919aee70 error 4 in nginx[400000+1b7000]
Oct 30 07:34:37 srv kernel: nginx[22806]: segfault at d8 ip 000000000046387c sp 00007ffe919aee70 error 4 in nginx[400000+1b7000]
Oct 30 07:34:50 srv kernel: nginx[24378]: segfault at d8 ip 000000000046387c sp 00007ffe919aee70 error 4 in nginx[400000+1b7000]

Code:
2018/10/30 07:31:06 [alert] 2557#0: worker process 2939 exited on signal 11
2018/10/30 07:31:06 [alert] 2557#0: worker process 2940 exited on signal 11
2018/10/30 07:31:06 [alert] 2557#0: worker process 2942 exited on signal 11
2018/10/30 07:31:06 [alert] 2557#0: worker process 2941 exited on signal 11
2018/10/30 07:31:29 [alert] 2557#0: worker process 2944 exited on signal 11
2018/10/30 07:31:43 [alert] 2557#0: worker process 2943 exited on signal 11
2018/10/30 07:31:43 [alert] 2557#0: worker process 2956 exited on signal 11
2018/10/30 07:32:02 [alert] 2557#0: worker process 3211 exited on signal 11
2018/10/30 07:32:03 [alert] 2557#0: worker process 3224 exited on signal 11
2018/10/30 07:32:14 [alert] 2557#0: worker process 3225 exited on signal 11
2018/10/30 07:32:20 [alert] 2557#0: worker process 3212 exited on signal 11
2018/10/30 07:32:21 [alert] 2557#0: worker process 3241 exited on signal 11
2018/10/30 07:32:29 [alert] 2557#0: worker process 3245 exited on signal 11
2018/10/30 07:32:34 [alert] 2557#0: worker process 3244 exited on signal 11
2018/10/30 07:32:34 [alert] 2557#0: worker process 4648 exited on signal 11
2018/10/30 07:33:29 [alert] 2557#0: worker process 5563 exited on signal 11
2018/10/30 07:33:31 [alert] 2557#0: worker process 12386 exited on signal 11
2018/10/30 07:33:38 [alert] 2557#0: worker process 12834 exited on signal 11
2018/10/30 07:33:41 [alert] 2557#0: worker process 5701 exited on signal 11
2018/10/30 07:33:41 [alert] 2557#0: worker process 14973 exited on signal 11
2018/10/30 07:33:51 [alert] 2557#0: worker process 15047 exited on signal 11
2018/10/30 07:34:24 [alert] 2557#0: worker process 14279 exited on signal 11
2018/10/30 07:34:24 [alert] 2557#0: worker process 16425 exited on signal 11
2018/10/30 07:34:29 [alert] 2557#0: worker process 21977 exited on signal 11
2018/10/30 07:34:30 [alert] 2557#0: worker process 22684 exited on signal 11
2018/10/30 07:34:37 [alert] 2557#0: worker process 22806 exited on signal 11
2018/10/30 07:34:50 [alert] 2557#0: worker process 24378 exited on signal 11

After trying to go back to apache:

Code:
Oct 30 07:36:01 srv httpd: httpd: Syntax error on line 51 of /etc/httpd/conf/httpd.conf: Syntax error on line 4 of /etc/httpd/conf/extra/httpd-phpmodules.conf: Syntax error on line 32 of /etc/httpd/conf/extra/httpd-modsecurity.conf: Syntax error on line 1 of /etc/modsecurity.d/comodo_rules.conf.main: Syntax error on line 1 of /etc/cwaf/cwaf.conf: Syntax error on line 1 of /usr/local/cwaf/rules/rules.conf.main: Could not open configuration file /etc/httpd/00_Init_Initialization.conf: No such file or directory
Oct 30 07:36:01 srv systemd: httpd.service: control process exited, code=exited status=1
Oct 30 07:36:09 srv systemd: Unit httpd.service entered failed state.
Oct 30 07:36:09 srv systemd: httpd.service failed.
Oct 30 07:36:09 srv httpd: httpd: Syntax error on line 51 of /etc/httpd/conf/httpd.conf: Syntax error on line 4 of /etc/httpd/conf/extra/httpd-phpmodules.conf: Syntax error on line 32 of /etc/httpd/conf/extra/httpd-modsecurity.conf: Syntax error on line 1 of /etc/modsecurity.d/comodo_rules.conf.main: Syntax error on line 1 of /etc/cwaf/cwaf.conf: Syntax error on line 1 of /usr/local/cwaf/rules/rules.conf.main: Could not open configuration file /etc/httpd/00_Init_Initialization.conf: No such file or directory
Oct 30 07:36:09 srv systemd: httpd.service: main process exited, code=exited, status=1/FAILURE
Oct 30 07:36:09 srv systemd: httpd.service: control process exited, code=exited status=1
Oct 30 07:36:09 srv systemd: Unit httpd.service entered failed state.
Oct 30 07:36:09 srv systemd: httpd.service failed.
Oct 30 07:36:22 srv httpd: httpd: Syntax error on line 51 of /etc/httpd/conf/httpd.conf: Syntax error on line 4 of /etc/httpd/conf/extra/httpd-phpmodules.conf: Syntax error on line 32 of /etc/httpd/conf/extra/httpd-modsecurity.conf: Syntax error on line 1 of /etc/modsecurity.d/comodo_rules.conf.main: Syntax error on line 1 of /etc/cwaf/cwaf.conf: Syntax error on line 1 of /usr/local/cwaf/rules/rules.conf.main: Could not open configuration file /etc/httpd/00_Init_Initialization.conf: No such file or directory
Oct 30 07:36:22 srv systemd: httpd.service: main process exited, code=exited, status=1/FAILURE
Oct 30 07:36:22 srv systemd: httpd.service: control process exited, code=exited status=1
Oct 30 07:36:22 srv systemd: Unit httpd.service entered failed state.
Oct 30 07:36:22 srv systemd: httpd.service failed.
Oct 30 07:37:01 srv httpd: httpd: Syntax error on line 51 of /etc/httpd/conf/httpd.conf: Syntax error on line 4 of /etc/httpd/conf/extra/httpd-phpmodules.conf: Syntax error on line 32 of /etc/httpd/conf/extra/httpd-modsecurity.conf: Syntax error on line 1 of /etc/modsecurity.d/comodo_rules.conf.main: Syntax error on line 1 of /etc/cwaf/cwaf.conf: Syntax error on line 1 of /usr/local/cwaf/rules/rules.conf.main: Could not open configuration file /etc/httpd/00_Init_Initialization.conf: No such file or directory
Oct 30 07:37:01 srv systemd: httpd.service: main process exited, code=exited, status=1/FAILURE
Oct 30 07:37:01 srv systemd: httpd.service: control process exited, code=exited status=1
Oct 30 07:37:01 srv systemd: Unit httpd.service entered failed state.
Oct 30 07:37:01 srv systemd: httpd.service failed.
Oct 30 07:37:06 srv httpd: httpd: Syntax error on line 51 of /etc/httpd/conf/httpd.conf: Syntax error on line 4 of /etc/httpd/conf/extra/httpd-phpmodules.conf: Syntax error on line 32 of /etc/httpd/conf/extra/httpd-modsecurity.conf: Syntax error on line 1 of /etc/modsecurity.d/comodo_rules.conf.main: Syntax error on line 1 of /etc/cwaf/cwaf.conf: Syntax error on line 1 of /usr/local/cwaf/rules/rules.conf.main: Could not open configuration file /etc/httpd/00_Init_Initialization.conf: No such file or directory
Oct 30 07:37:06 srv systemd: httpd.service: main process exited, code=exited, status=1/FAILURE
Oct 30 07:37:06 srv systemd: httpd.service: control process exited, code=exited status=1
Oct 30 07:37:06 srv systemd: Unit httpd.service entered failed state.
Oct 30 07:37:06 srv systemd: httpd.service failed.
Oct 30 07:37:27 srv httpd: httpd: Syntax error on line 50 of /etc/httpd/conf/httpd.conf: Syntax error on line 4 of /etc/httpd/conf/extra/httpd-phpmodules.conf: Syntax error on line 32 of /etc/httpd/conf/extra/httpd-modsecurity.conf: Syntax error on line 1 of /etc/modsecurity.d/comodo_rules.conf.main: Syntax error on line 1 of /etc/cwaf/cwaf.conf: Syntax error on line 1 of /usr/local/cwaf/rules/rules.conf.main: Could not open configuration file /etc/httpd/00_Init_Initialization.conf: No such file or directory
Oct 30 07:37:27 srv systemd: httpd.service: main process exited, code=exited, status=1/FAILURE
Oct 30 07:37:27 srv systemd: httpd.service: control process exited, code=exited status=1
Oct 30 07:37:27 srv systemd: Unit httpd.service entered failed state.
Oct 30 07:37:27 srv systemd: httpd.service failed.

After try to recompile and reconfigure with custombuild, the only fix was disable modsecurity.

Regards
 
My server running ngnix_apache, php7.2 and opcache. I have same problem when enabled modsecurity 2.9 and also the roundcube is show connection error when login to access inbox. Who know when will the modsecurity 3.0 avaliable for nginx_apache build on custombuild ?
 
Last edited:
Back
Top