Solved nginx fails to start after new modsecurity rule set

Wanabo

Wanabo

Verified User
Joined
Jan 19, 2013
Messages
353
Location
The Netherlands
Today I updated DA from 1.643 to 1.644, after that I found several updates in CB including a new modsecurity ruleset.
2 out of 3 servers failed to start nginx:
Code: 
nginx: [emerg] "modsecurity_rules_file" directive Rules error. File: /etc/modsecurity.d/REQUEST-922-MULTIPART-ATTACK.conf

I fixed the two servers by removing the REQUEST-922-MULTIPART-ATTACK.conf file.
All servers have the same setup, only the one that did not failed has php 8.1. instead of php 8.2

server 1: failed to start nginx, php 8.2
server 2: failed to start nginx, php 8.2
server 3: no problem, php 8.1

Not sure if the difference in php versions is relevant, because it is an nginx issue in combination with REQUEST-922-MULTIPART-ATTACK.conf
 
Wanabo said:
All servers have the same setup, only the one that did not failed has php 8.1. instead of php 8.2
Click to expand...
As said to you earlier, don't use versions which are not even officially released yet, because it will cause all kind of odd issues.
Since it works fine on the server with php 8.1 the chance is that the cause is most likely php 8.2 in spite of the reason given by modsecurity.

However...... maybe it might have something to do with OWASP.
Check this thread (click).

As you can see from the last post there, both CP and Plesk can encounter this issue too and might be fix by an OWASP update, or both.
 
I've downgraded php 8.2 to 8.1 and done a ./build all. Problems with modsecurity solved.

I don't have any paying customers, all servers are for websites I maintain myself.
Some sites generate some revenue, but it won't cover the costs. But every hobby costs money, so I don't complain.
So I can't really say those servers are for production use.
 
jamgames2 said:
don't use PHP RC Version in production.
Click to expand...
I told him that last time too already.

Wanabo said:
I've downgraded php 8.2 to 8.1 and done a ./build all. Problems with modsecurity solved.
Click to expand...
Tadaaaa... I'm not surprised.

I understand that it's not production use, but hobby (also like forums) are in fact also kind of production.
The issue is that (as proven again) using this RC's can cause various and sometimes not understandable issues.

So DA might be the correct place to solve some odd issues not caused by them. ;)
 
You must log in or register to reply here.
Back
Top