当我启用 ModSecurity 时,Ubuntu 22.04 上的 Apache 服务器崩溃

当我启用 ModSecurity 时,Ubuntu 22.04 上的 Apache 服务器崩溃

我正在使用 Apache2(最新版本)在 Ubuntu 22.04 上构建服务器。当我启用 ModSecurity 时,尝试重新启动 Apache 时会收到错误消息。一旦我禁用 ModSecurity,重新启动 Apache 时错误消息就会消失,我的网站就会恢复在线。有什么建议吗?

细节:

× apache2.service - The Apache HTTP Server
     Loaded: loaded (/lib/systemd/system/apache2.service; enabled; vendor preset:>
     Active: failed (Result: exit-code) since Wed 2022-11-23 13:16:04 CST; 8min a>
       Docs: https://httpd.apache.org/docs/2.4/
    Process: 2799 ExecStart=/usr/sbin/apachectl start (code=exited, status=1/FAIL>
        CPU: 31ms

更多细节:

Subject: Unit process exited
░░ Defined-By: systemd
░░ Support: http://www.ubuntu.com/support
░░ 
░░ An ExecStart= process belonging to unit apache2.service has exited.
░░ 
░░ The process' exit code is 'exited' and its exit status is 1.
Nov 23 13:16:04 m-70A4003AUX systemd[1]: apache2.service: Failed with result 'exit-code'.
░░ Subject: Unit failed
░░ Defined-By: systemd
░░ Support: http://www.ubuntu.com/support
░░ 
░░ The unit apache2.service has entered the 'failed' state with result 'exit-code'.
Nov 23 13:16:04 m-70A4003AUX systemd[1]: Failed to start The Apache HTTP Server.
░░ Subject: A start job for unit apache2.service has failed
░░ Defined-By: systemd
░░ Support: http://www.ubuntu.com/support
░░ 
░░ A start job for unit apache2.service has finished with a failure.
░░ 
░░ The job identifier is 2140 and the job result is failed.

答案1

您运行过 apachectl configtest 吗?

https://coreruleset.org/installation/

重要提示:从 CRS 3.2.2、3.3.3 及更高版本开始,由于添加了新的保护措施,需要使用 ModSecurity 2.9.6 或 3.0.8(或带有反向移植补丁的版本)。我们建议尽快升级您的 ModSecurity。如果您的 ModSecurity 太旧,您的网络服务器将拒绝启动。作为临时措施,您可以删除文件 rules/REQUEST-922-MULTIPART-ATTACK.conf。但是,您将缺少一些保护措施。

相关内容