URGENT! Apache down on multiple servers!

IPX

Verified User
Joined
Dec 14, 2020
Messages
8
Mar 28 09:28:07 httpd[37272]: httpd: Syntax error on line 50 of /etc/httpd/conf/httpd.conf: Syntax error on line 4 of /etc/httpd/conf/extra/httpd-phpmodules.conf: Syntax error on line 2 of /etc/httpd/conf/extra/httpd-modsecurity.conf: Cannot load /usr/lib/apache/mod_security2.so into server: /usr/lib/apache/mod_security2.so: undefined symbol: lua_setglobal
 
Mar 28 09:28:07 httpd[37272]: httpd: Syntax error on line 50 of /etc/httpd/conf/httpd.conf: Syntax error on line 4 of /etc/httpd/conf/extra/httpd-phpmodules.conf: Syntax error on line 2 of /etc/httpd/conf/extra/httpd-modsecurity.conf: Cannot load /usr/lib/apache/mod_security2.so into server: /usr/lib/apache/mod_security2.so: undefined symbol: lua_setglobal
Can't Help

But i think to less Information!

DA version?
Custombuild yes no / version
OS and version

After Updates? yes now when and which.?

And more is needed i think as the lines / code of those conf files: Also how and when you changed edited those with what editor and codeset/uploaded ftp...?, (and the charset of server and installed for modsecur)
httpd[37272]: httpd: Syntax error on line 50 of /etc/httpd/conf/httpd.conf: Syntax error on line 4 of /etc/httpd/conf/extra/httpd-phpmodules.conf: Syntax error on line 2 of /etc/httpd/conf/extra/httpd-modsecurity.conf: Cannot load /usr/lib/apache/mod_security2.so into server: /usr/lib/apache/mod_security2.so: undefined symbol: lua_setglobal
undefined symbol: lua_setglobal
 
Last edited:
Syntax error on line 50 of /etc/httpd/conf/httpd.conf
Syntax error on line 4 of /etc/httpd/conf/extra/httpd-phpmodules.conf
Syntax error on line 2 of /etc/httpd/conf/extra/httpd-modsecurity.conf
As a quick fix, these lines mentioned in the error message are not working. Depending on what they are, you can probably comment them out and apache will start. If they are nested (which is likely), start at the "bottom" one. By commenting them out you probably will disable mod_security until you can sort out the actual problem. Looks like the build of mod_security failed for some reason.
 
Also check this thread, also has a lua problem and has some tips to fix things.
 
Exact same issue on our side, only solution seems to be disabling mod_sec, but ofcourse this is not feasable.
 
Anyone else having this problem?
I updated one of the servers from version 2.9.6 to 2.9.7 and we had the same problem as @IPX here too.

The only solution was to disable ModSecurity and everything worked again.
 
I am experiencing this issue as well. Strange thing is that I have two servers exactly configured the same.
On one server ModSecurity is working without any kind of issues and on the other I am getting the following error (httpd down):

httpd: Syntax error on line 50 of /etc/httpd/conf/httpd.conf: Syntax error on line 3 of /etc/httpd/conf/extra/httpd-phpmodules.conf: Syntax error on line 2 of /etc/httpd/conf/extra/httpd-modsecurity.conf: Cannot load /usr/lib/apache/mod_security2.so into server: /usr/lib/apache/mod_security2.so: undefined symbol: lua_setglobal...

On the other server there are no issues. And again both servers are configured the exact same way. Very strange.
I have tried a ton of things like removing modsecurity and all related folders (/usr/local/cwaf and /etc/cwaf) and compile everything from scratch. No luck. The error keeps coming back. It's driving me nuts.

I currently have disabled ModSecurity on the problematic server for the time being. Which is not really a solution, but at least httpd runs now.

File details: 1080 -rwxr-xr-x 1 root root 1104464 Jan 30 12:44 /usr/lib/apache/mod_security2.so
Same size as on the other server. Data was earlier today different, but the size was the same.

Sidenote; I have not installed nginx or apache_nginx. I am only running apache.

Anyone has an idea?

Thanks in advance.


Edit: both servers (problematic one and the one without issues) are running with the latest CentOS 7.9.
 
I am experiencing this issue as well. Strange thing is that I have two servers exactly configured the same.
On one server ModSecurity is working without any kind of issues and on the other I am getting the following error (httpd down):



On the other server there are no issues. And again both servers are configured the exact same way. Very strange.
I have tried a ton of things like removing modsecurity and all related folders (/usr/local/cwaf and /etc/cwaf) and compile everything from scratch. No luck. The error keeps coming back. It's driving me nuts.

I currently have disabled ModSecurity on the problematic server for the time being. Which is not really a solution, but at least httpd runs now.

File details: 1080 -rwxr-xr-x 1 root root 1104464 Jan 30 12:44 /usr/lib/apache/mod_security2.so
Same size as on the other server. Data was earlier today different, but the size was the same.

Sidenote; I have not installed nginx or apache_nginx. I am only running apache.

Anyone has an idea?

Thanks in advance.


Edit: both servers (problematic one and the one without issues) are running with the latest CentOS 7.9.

DirectAdmin Support, as a courtesy, accessed my server and ran the following commands:

# rm -f /usr/local/include/lua*
# rm -f /usr/local/lib/liblua*
# rm -f /usr/local/lib/lua*
# rm -rf /usr/local/lib/lua
# /usr/local/directadmin/custombuild/build modsecurity

After, I reinstalled Apache (or Apache_Nginx) and ModSecurity was installed correctly again.
 
Thank you paulonichio!

...however I followed those instructions (twice), but that didn't help. Still getting an error, but the error is slightly different this time:
httpd[24786]: httpd: Syntax error on line 51 of /etc/httpd/conf/httpd.conf: Syntax error on line 3 of /etc/httpd/conf/extra/httpd-phpmodules.conf: Syntax error on line 2 of /etc/httpd/conf/extra/httpd-modsecurity.conf: Cannot load /usr/lib/apache/mod_security2.so into server: /usr/lib/apache/mod_security2.so: undefined symbol: luaL_loadfilex...

So instead of "undefined symbol: lua_setglobal" I am not getting "undefined symbol: luaL_loadfilex".
Will see where that file comes from, maybe some different directory...

But thank you for replying! Highly appreciated.


//edit #1
I also compared both options.conf for both "identical" servers, but the only difference (other than PHP version and hostname) are:

secure_php=no | yes
userdir_access=yes | no
pigeonhole=yes | no

The first setting is from the server with issues with ModSecurity where the 2nd setting is from the server without issues.
Otherwise everything is the same. Weird...

//edit #2
I also compared those folders which are being removed from your previous reply. Here is what I noticed:

Problem server: /usr/local/include= empty
Working server: a lot of files and directories

Problem server: /usr/local/lib = empty
Working server: a lot of files and directories

Very strange...
 
Last edited:
DirectAdmin Support, as a courtesy, accessed my server and ran the following commands:

# rm -f /usr/local/include/lua*
# rm -f /usr/local/lib/liblua*
# rm -f /usr/local/lib/lua*
# rm -rf /usr/local/lib/lua
# /usr/local/directadmin/custombuild/build modsecurity

After, I reinstalled Apache (or Apache_Nginx) and ModSecurity was installed correctly again.

I thought this would delete my old lua version 5.4.4 but I can still run lua in the terminal. Did they explain to you about this why do you need to remove them?

I heard that they no longer support Lua and have even dropped support for compiling it with './build', so it's confusing why an old version of Lua is still included in the ModSecurity build (5.1) and is not happy with my own custom version 5.4.4. It would make more sense to use the latest version. Just confuse like I always do when working with DirectAdmin.

Now, I'm unsure what the long-term consequences of running the above command are. So if someone can clarify whether running the command would cause any issues with my current lua version 5.4.4?



EDIT

Might be useful? @smtalk @fln: https://github.com/SpiderLabs/ModSecurity/issues/1622#issuecomment-356216294
 
Last edited:
Back
Top