Symptoms
Apache web-server fails to start with the following error message in configuration:
Note: The name of the ModSecurity rule-set in the error message may vary.
-
on CentOS/RHEL-based distributions
# httpd -t
httpd: Syntax error on line 353 of /etc/httpd/conf/httpd.conf: Syntax error on line 5 of /etc/httpd/conf.d/security2.conf: Syntax error on line 6 of /etc/httpd/conf/modsecurity.d/zz_rules.conf: No matches for the wildcard ‘*.conf’ in ‘/etc/httpd/conf/modsecurity.d/rules/modsecurity_crs-plesk’, failing (use IncludeOptional if required) -
on Debian/Ubuntu-based distributions:
# apache2ctl -t
apache2: Syntax error on line 141 of /etc/apache2/apache2.conf: Syntax error on line 4 of /etc/apache2/mods-enabled/security2.conf: Syntax error on line 6 of /etc/apache2/modsecurity.d/zz_rules.conf: No matches for the wildcard ‘*.conf’ in
‘/etc/apache2/modsecurity.d/rules/tortix’, failing (use IncludeOptional if required)
Cause
The ModSecurity configuration file zz_rules.conf
contains links to non-existent files.
Resolution
-
Connect to the Plesk server via SSH.
-
Open the file zz_rules.conf in a text editor. In this example, we are using the vi editor:
# vi /etc/httpd/conf/modsecurity.d/zz_rules.con
-
Replace “Include” with “IncludeOptional” in all lines.
-
Save the changes and close the file.
-
Start Apache:
# service httpd start
-
Log in to Plesk > go to Tools & Settings > Web Application Firewall (ModSecurity) and activate ModSecurity.
-
Connect to the Plesk server via SSH.
-
Open the file zz_rules.conf in a text editor. In this example, we are using the vi editor:
-
# vi /etc/apache2/modsecurity.d/zz_rules.conf
-
-
Replace “Include” with “IncludeOptional” in all lines.
-
Save the changes and close the file.
-
Start Apache:
# service apache2 start
-
Log in to Plesk > go to Tools & Settings > Web Application Firewall (ModSecurity) and activate ModSecurity.