mod_security fails in ubuntu 16.04

#1
ubuntu 16.04 / OpenLiteSpeed 1.4.39
I compiled mod_security according to wiki
with setup
module mod_security {
modsecurity on
modsecurity_rules_file /usr/local/lsws/waf/comodo_litespeed/rules.conf
}
I get
openlitespeed (lshttpd - #03): symbol lookup error: /usr/local/lsws//modules/mod_security.so: undefined symbol: yajl_alloc
and OLS start only admin panel
 

David

Active Member
#2
It seems the module loaded correctly but it runs failed and cause server crash.
If disable this module, server should be up.
It maybe because the server code and module code do not match.
I tested mod_security.so, and never see such issue.
 

lskagan

Administrator
#3
How do you have OLS installed via apt? If so you can just run `apt-get install ols-modsecurity` to install mod_security instead of compiling it.
 

David

Active Member
#5
OK. The YAJL is an optional dependency, I do not know why it become a must and why check this symbol.
Will reply you later.
Please just disable the module right now.
Thanks.
David
 

David

Active Member
#7
Since our Makefile.f does not have the symbol linked, maybe you can try to add "-lyajl -lxml2 " to LDFLAGS and re-make the .so file if you have the dependency libraries installed. This way is try to fix this issue.
Otherwise, you can just disbale this module in the webAdmin and it will not bother server running.
I will debug and find a good solution.
 
#8
-lyajl -lxml2 - core dump and errors like this
gdb: not foundsh: 1: gdb: not found
sh: 1: gdb: not found
mv: cannot stat '/tmp/lshttpd/core*': No such file or directory
 
#9
./configure --with-yajl="/usr/lib/x86_64-linux-gnu /usr/include/yajl"
give /usr/local/lsws//modules/mod_security.so: undefined symbol: yajl_alloc
yajl is always shown as detected during configure
 

David

Active Member
#10
So you should have install yajl and yajl-devel when build the libarary libmodsecurity.a?
After the make, it should give you a result of which module is enabled or disabled. If you find yajl is enabled and now, you get such an error, maybe it is a bug of libmodsecurity, we need to tell them.
 
Top