Nginx and Apache - Nginix wont start due to mod_security
- Thread starter Brenden
- Start date
Sorry! The error is below. Yes, I was using Comodo - didn't realise it wasn't supported as it was working.
nginx[31780]: nginx: [emerg] "modsecurity_rules_file" directive Rules error. File: /usr/local/cwaf/>
nginx[31780]: nginx: configuration file /etc/nginx/nginx.conf test failed
Commenting out mod_security in /etc/nginx/nginx-modsecurity-enable.conf and reloading Nginx fixed it.
nginx[31780]: nginx: [emerg] "modsecurity_rules_file" directive Rules error. File: /usr/local/cwaf/>
nginx[31780]: nginx: configuration file /etc/nginx/nginx.conf test failed
Commenting out mod_security in /etc/nginx/nginx-modsecurity-enable.conf and reloading Nginx fixed it.
CustomBuild 2.0 FAQ (DirectAdmin 1.46 or later is recommended)
CustomBuild 2.0 plugin to control CustomBuild from DirectAdmin UI: http://forum.directadmin.com/showthread.php?t=48989 1. What is custombuild? Custombuild is a tool, which can install/update: Apache AWstats Autoconf Automake ClamAV cURL Dovecot Exim configuration files FreeType GD htscanner...
forum.directadmin.com
modsecurity_ruleset - chooses ModSecurity Rule Set to install when "./build modsecurity_rules", "./build modsecurity", "./build apache", "./build nginx" or "./build all d" is ran. Set to 'no' to use no ruleset (or to use a custom one, uploaded to custom/modsecurity/conf directory. Comodo option provides Comodo Rule Set for ModSecurity: https://modsecurity.comodo.com/. OWASP ModSecurity Core Rule Set: https://www.owasp.org/index.php/Category:OWASP_ModSecurity_Core_Rule_Set_Project. Add custom rules to custom/modsecurity/conf, they are added automatically to /etc/modsecurity.d after './build modsecurity' or './build modsecurity_ruleset' is ran. Nginx is not compatible with Comodo Rule Set yet. Possible values: comodo/owasp/no. (default: comodo).
Fixed! Thank you for the reportCustomBuild 2.0 FAQ (DirectAdmin 1.46 or later is recommended)
CustomBuild 2.0 plugin to control CustomBuild from DirectAdmin UI: http://forum.directadmin.com/showthread.php?t=48989 1. What is custombuild? Custombuild is a tool, which can install/update: Apache AWstats Autoconf Automake ClamAV cURL Dovecot Exim configuration files FreeType GD htscanner...
modsecurity_ruleset - chooses ModSecurity Rule Set to install when "./build modsecurity_rules", "./build modsecurity", "./build apache", "./build nginx" or "./build all d" is ran. Set to 'no' to use no ruleset (or to use a custom one, uploaded to custom/modsecurity/conf directory. Comodo option provides Comodo Rule Set for ModSecurity: https://modsecurity.comodo.com/. OWASP ModSecurity Core Rule Set: https://www.owasp.org/index.php/Category:OWASP_ModSecurity_Core_Rule_Set_Project. Add custom rules to custom/modsecurity/conf, they are added automatically to /etc/modsecurity.d after './build modsecurity' or './build modsecurity_ruleset' is ran. Nginx is not compatible with Comodo Rule Set yet. Possible values: comodo/owasp/no. (default: comodo).
They released a version compatible with nginx (I hope it still works fine).We've got multiple reports like this, it seems to be Imunify ruleset related. I guess you're running Imunify as well?
So you can now use the standard comodo with the latest version of nginx? Great if that’s true.Fixed! Thank you for the report
In DA latest version 1.61.5, if I include options.conf before DA installation using these values:
Then nginx couldn't be started with the error related to modsecurity directive but rebuilding nginx_apache again fixed this problem:
Apache config:
#WEB Server Settings
webserver=nginx_apache
modsecurity=yes
modsecurity_ruleset=comodoThen nginx couldn't be started with the error related to modsecurity directive but rebuilding nginx_apache again fixed this problem:
Code:
./build nginx_apacheI would like to confirm that this has been fixed in directadmin 1.62+. I don't have to rebuild anymore.