Apache fails to start with SELinux and mod secrity

Support for security such as Firewalls and securing linux
Jadoo
Posts: 1
Joined: 2017/01/11 09:59:24

Apache fails to start with SELinux and mod secrity

Postby Jadoo » 2017/01/11 10:11:56

Hello,
When enabling SELinux to Enforcing mode, apache shows Apache 503 “Service temporarily unavailable” and it also fails to restart:

● httpd.service - The Apache HTTP Server
Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled)
Active: failed (Result: exit-code) since Wed 2017-01-11 10:04:00 UTC; 8s ago
Docs: man:httpd(8)
man:apachectl(8)
Process: 23472 ExecStop=/bin/kill -WINCH ${MAINPID} (code=exited, status=1/FAILURE)
Process: 23470 ExecStart=/usr/sbin/httpd $OPTIONS -DFOREGROUND (code=exited, status=1/FAILURE)
Main PID: 23470 (code=exited, status=1/FAILURE)

-- Unit httpd.service has begun starting up.
Jan 11 10:04:00 vps-xxx httpd[23470]: AH00526: Syntax error on line 60 of /etc/httpd/conf/plesk.conf.d/server.conf:
Jan 11 10:04:00 vps-xxx httpd[23470]: ModSecurity: Failed to open the audit log file: /var/log/modsec_audit.log
Jan 11 10:04:00 vps-xxx systemd[1]: httpd.service: main process exited, code=exited, status=1/FAILURE
Jan 11 10:04:00 vps-xxx kill[23472]: kill: cannot find process ""
Jan 11 10:04:00 vps-xxx systemd[1]: httpd.service: control process exited, code=exited status=1
Jan 11 10:04:00 vps-xxx systemd[1]: Failed to start The Apache HTTP Server.
-- Subject: Unit httpd.service has failed
-- Defined-By: systemd

How to fix?

User avatar
TrevorH
Forum Moderator
Posts: 20996
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: Apache fails to start with SELinux and mod secrity

Postby TrevorH » 2017/01/11 11:16:17

Jan 11 10:04:00 vps-xxx httpd[23470]: ModSecurity: Failed to open the audit log file: /var/log/modsec_audit.log


Check permissions and selinux contexts on that file.

Jan 11 10:04:00 vps-xxx httpd[23470]: AH00526: Syntax error on line 60 of /etc/httpd/conf/plesk.conf.d/server.conf:


We do not support any systems with panels installed. You need to ask Plesk for support.
CentOS 5 died in March 2017 - migrate NOW!
Full time Geek, part time moderator. Use the FAQ Luke