Issue ModSecurity update problem

[CoyoteKG]

Hello,
I just logged in Plesk panel, and I got short message there is problem with modsecurity update.

I executed and got this

[root@websrv1 ~]# /var/asl/bin/aum -uf




Checking versions ...

        ASL version is current:                                           [PASS]
        Updating Web Application Firewall to 201705051133: updated        [PASS]
-------------------------------------------------------------------------------
Errors were encountered:

L CODE SOURCE                        MESSAGE
- ---- ----------------------------- ------------------------------------------
2 9901 ASLCommon::cmd_system         ERROR: '/bin/cp -af /var/asl/rules/modsec/
                                     template-* /var/asl/data/templates/ >/dev/
                                     null 2>&1 (1)'
2 9901 ASLCommon::cmd_system         ERROR: '/usr/sbin/apachectl -t >/dev/null
                                     2>&1 (1)'
2 9901 ASLCommon::cmd_exec           ERROR: '(1) /usr/sbin/apachectl -t 2>&1 --
                                      [Sun May 07 19:51:32.846596 2017] [so:war
                                     n] [pid 7673:tid 139690708506752] AH01574:
                                      module unique_id_module is already loaded
                                     , skipping||[Sun May 07 19:51:32.859691 20
                                     17] [so:warn] [pid 7673:tid 13969070850675
                                     2] AH01574: module security2_module is alr
                                     eady loaded, skipping||AH00526: Syntax err
                                     or on line 36 of /etc/httpd/conf/modsecuri
                                     ty.d/rules/tortix/modsec/50_plesk_basic_as
                                     l_rules.conf:||ModSecurity: Found another
                                     rule with the same id'
2 601  c_modsec::apply_rules         There is a problem with the apache config:
                                      [Sun May 07 19:51:32.846596 2017] [so:war
                                     n] [pid 7673:tid 139690708506752] AH01574:
                                      module unique_id_module is already loaded
                                     , skipping; [Sun May 07 19:51:32.859691 20
                                     17] [so:warn] [pid 7673:tid 13969070850675
                                     2] AH01574: module security2_module is alr
                                     eady loaded, skipping; AH00526: Syntax err
                                     or on line 36 of /etc/httpd/conf/modsecuri
                                     ty.d/rules/tortix/modsec/50_plesk_basic_as
                                     l_rules.conf:; ModSecurity: Found another
                                     rule with the same id
2 601  c_modsec::apply_rules         There is a problem with the apache config:
                                      Rolling back to the previous update
3 600  c_modsec::apply_rules         Errors occurred with Apache

I tried to turn on and off modsecurity in Tools and Settings, and after that in panel I got next message.

New configuration files for the Apache web server were not created due to the errors in configuration templates: [Sun May 07 19:58:05.053480 2017] [so:warn] [pid 8949:tid 139829036615808] AH01574: module unique_id_module is already loaded, skipping [Sun May 07 19:58:05.065993 2017] [so:warn] [pid 8949:tid 139829036615808] AH01574: module security2_module is already loaded, skipping AH00526: Syntax error on line 36 of /etc/httpd/conf/modsecurity.d/rules/tortix/modsec/50_plesk_basic_asl_rules.conf: ModSecurity: Found another rule with the same id . Detailed error descriptions were sent to you by email. Please resolve the issues and click here to generate broken configuration files once again or here to generate all configuration files. See the details in Configuration Troubleshooter

I clicked to link in this message to generate all configuration files, but now I have this error in Plesk panel

Unable to configure the web server: Execution failed. Command: httpdmng Arguments: Array ( [0] => --reconfigure-all ) Details: Error occured while sending feedback. HTTP code returned: 502 Error occured while sending feedback. HTTP code returned: 502 Execution failed. Command: httpdmng Arguments: Array ( [0] => --reconfigure-server [1] => -no-restart ) Details: [2017-05-07 20:00:20] ERR [util_exec] proc_close() failed ['/usr/local/psa/admin/bin/apache-config' '-t'] with exit code [1] [2017-05-07 20:00:26] ERR [util_exec] proc_close() failed ['/usr/local/psa/admin/bin/apache-config' '-t'] with exit code [1] [2017-05-07 20:00:30] ERR [panel] Apache config (14941800180.63887400) generation failed: Template_Exception: [Sun May 07 20:00:19.953333 2017] [so:warn] [pid 10105:tid 139773839788160] AH01574: module unique_id_module is already loaded, skipping [Sun May 07 20:00:19.966651 2017] [so:warn] [pid 10105:tid 139773839788160] AH01574: module security2_module is already loaded, skipping AH00526: Syntax error on line 36 of /etc/httpd/conf/modsecurity.d/rules/tortix/modsec/50_plesk_basic_asl_rules.conf: ModSecurity: Found another rule with the same id file: /usr/local/psa/admin/plib/Template/Writer/Webserver/Abstract.php line: 75 code: 0 Error occured while sending feedback. HTTP code returned: 502 [Sun May 07 20:00:19.953333 2017] [so:warn] [pid 10105:tid 139773839788160] AH01574: module unique_id_module is already loaded, skipping [Sun May 07 20:00:19.966651 2017] [so:warn] [pid 10105:tid 139773839788160] AH01574: module security2_module is already loaded, skipping AH00526: Syntax error on line 36 of /etc/httpd/conf/modsecurity.d/rules/tortix/modsec/50_plesk_basic_asl_rules.conf: ModSecurity: Found another rule with the same id

These days I did not set anything with Apache and mod security.
Before few days from Plesk panel i updated few things, maybe mod security also was on the list.

What I can do? I have no experience with mod security, I just turn it on, and set Atomic rule.

 

[UFHH01]

Hi CoyoteKG,

your error message states:

module is already loaded

and

Syntax error on line 36 of /etc/httpd/conf/modsecurity.d/rules/tortix/modsec/50_plesk_basic_asl_rules.conf

and

Found another rule with the same id

... which brings us to the Plesk Knowledge - Base - article: => ModSecurity: Found another rule with the same id

Pls. update/upgrade/patch your Plesk installation with the example command ( logged in as user "root" over SSH ):

plesk installer --select-product-id plesk --select-release-current --reinstall-patch --install-component base

 

[CoyoteKG]

Hi,

I tried that command but I got

# plesk installer --select-product-id plesk --select-release-current --reinstall-patch --install-component base

BUSY: Update operation was locked by another update process.
exit status 1

My current version of plesk is

Plesk Onyx
Version 17.0.17 Update #24, last updated on May 5, 2017 03:50 AM

And I see that I can upgrade it to

Upgrade to Plesk Onyx 17.5.3 is available.


What I should to do before this upgrade, to prevent any possible disaster?
When I said that, I never upgraded Plesk from one to another version, and I don't have idea how safe it is.
I have few important live sites on this server

 

[UFHH01]

Hi CoyoteKG,

pls. try to use as well the FORUM SEARCH, if you experience issues/errors/problems, because you will notice, that most of such issues/errors/problems/questions have been already discussed in this Plesk Community Forum. Pls. see for example your error message: "BUSY: Update operation was locked by another update process"

=> Search Results for Query: Update operation was locked by another update process | Plesk Forum = actually 74 results!

... and you might find it helpfull to use the Plesk Knowledge - Base as well ( which has as well a SEARCH option! ):

=> Help Center = actually 82 results"​

When I said that, I never upgraded Plesk from one to another version, and I don't have idea how safe it is.
I have few important live sites on this server

Since Plesk declared Plesk Onyx 17.5.3 as STABLE, you are safe to update/upgrade to this version at ANY time, because the latest versions is no pre-release and no-early-adopter-release... it's STABLE.

If something goes "wrong", or how ever you may declare possible issues/errors/problems ( which can ALWAYS happen, now matter how stable a product is ), Plesk will STOP the upgrade procedure and rollback to your previous version.