Errors: Install on CentOS 5.1, with Custombuild (directadmin)

Hi,

When trying to install modsecurity, I’m getting the following errors:

ERROR: Not found SUDO directory /etc/sudoers.d.\Please fix this manually, then rerun this installation. Can't open /etc/cwaf/main.conf: No such file or directory. Can't open /etc/cwaf/main.conf: No such file or directory. ./build: line 13835: /usr/local/cwaf/scripts/updater.pl: No such file or directory Installation of ModSecurity Rule Set has been finished. Stopping httpd: [FAILED] Starting httpd: httpd: Syntax error on line 50 of /etc/httpd/conf/httpd.conf: Syntax error on line 5 of /etc/httpd/conf/extra/httpd-phpmodules.conf: Syntax error on line 29 of /etc/httpd/conf/extra/httpd-modsecurity.conf: Syntax error on line 1 of /etc/modsecurity.d/comodo_rules.conf.main: Could not open configuration file /etc/cwaf/cwaf.conf: No such file or directory

How could I fix this ?

Hi Duboux

CWAF plugin require sudo to be installed (to perform admin task such as Apache restart etc)
Last version of plugin (2.5) should install sudo before setup.
Please try to run installer manually from command console:

`# cd /tmp

mkdir /etc/sudoers.d

wget https://waf.comodo.com/cpanel/cwaf_client_install.sh

bash ./cwaf_client_install.sh`

Then follow installer prompts.

Please let us know if it fixed this problem.

UPD. Added creating directory to instruction

Sorry, solution didn’t work during test.
Please try to create /etc/sudoers.d dir before running installer:

mkdir /etc/sudoers.d

This will be fixed asap.

Regards, Oleg

Almost !

It got me further, untill it tried to download cwaf_rules-1.25.tgz
got a 404.

*** MD5 Checksum for cwaf_rules-1.25.tgz Failed. Redownloading...***

Downloading cwaf_rules-1.25.tgz…
–2015-04-07 12:00:25-- https://waf.comodo.com/api/da_vendor?file=cwaf_rules-1.25.tgz
Resolving waf.comodo.com… 91.209.196.88
Connecting to waf.comodo.com|91.209.196.88|:443… connected.
HTTP request sent, awaiting response… 404 Not Found
2015-04-07 12:00:25 ERROR 404: Not Found.

*** MD5 Checksum for cwaf_rules-1.25.tgz failed again.***
The md5 checksum value may be incorrect, or a wrong file is being downloaded.
Install continuing with this possibly corrupted file. (it may also be fine)

gzip: stdin: unexpected end of file
tar: Child returned status 1
tar: Error exit delayed from previous errors
cp: cannot stat `/usr/local/cwaf/rules/exclude.yml’: No such file or directory
Installation of ModSecurity Rule Set has been finished.
Stopping httpd: [FAILED]
Starting httpd: httpd: Syntax error on line 50 of /etc/httpd/conf/httpd.conf: Syntax error on line 5 of /etc/httpd/conf/extra/httpd-phpmodules.conf: Syntax error on line 29 of /etc/httpd/conf/extra/httpd-modsecurity.conf: Syntax error on line 1 of /etc/modsecurity.d/comodo_rules.conf.main: Syntax error on line 2 of /etc/cwaf/cwaf.conf: No matches for the wildcard ‘*.conf’ in ‘/usr/local/cwaf/rules’, failing (use IncludeOptional if required)

Hi Duboux

Please run custombuild update before updating ruleset:
# cd /usr/local/directadmin/custombuild && ./build update

Then:
# ./build modsecurity_rules

Regards, Oleg

Okay, it worked =D

2015-04-07 22:14:22 (1.41 MB/s) - `/usr/local/directadmin/custombuild/cwaf_rules-1.27.tgz' saved [84707/84707]

*** MD5 Checksum for cwaf_rules-1.27.tgz failed again.***
The md5 checksum value may be incorrect, or a wrong file is being downloaded.
Install continuing with this possibly corrupted file. (it may also be fine)

Installation of ModSecurity Rule Set has been finished.
Stopping httpd: [ OK ]
Starting httpd:

However, the plugin WAF in the DA panel, states that it’s not loaded:

Current rules version	1.27 (Latest version) Restore rules
CWAF plugin version	2.6 (Latest version)
Web Platform	Apache
Apache version	2.4.12
Mod_security compatible	yes
Mod_security loaded	no
Mod_security conf	/etc/httpd/conf/extra/httpd-modsecurity.conf

phpinfo() tells the module mod_security2 is loaded though :wink:

Hi Duboux

In fact its loaded, just interface problem :slight_smile:
Thanks for reporting, I’ll check why it display ‘no’

Regards, Oleg