WAF not starting after reboot due to config error

I am on 18.5 MR2 Build 380.

Every time I reboot the firewall, the WAF is not starting. In reverseproxy.log, these same lines appear every couple of seconds:

[Fri Jan 28 16:02:27.194845 2022] [core:warn] [pid 17313:tid 139992993545088] AH00111: Config variable ${URLHardening_HTTP_Hostname} is not defined
AH00112: Warning: DocumentRoot [/sdisk/waffiles/d4ccc5ed9becf385efd9ba9b1f2091e7] does not exist
AH00112: Warning: DocumentRoot [/sdisk/waffiles/44502cdd091cd7e7fc982c40b77d04a8] does not exist
AH00112: Warning: DocumentRoot [/sdisk/waffiles/8e2dcfd7e7e24b1ca76c1193f645902b] does not exist
AH00112: Warning: DocumentRoot [/sdisk/waffiles/21b72c0b7adc5c7b4a50ffcb90d92dd6] does not exist
AH00112: Warning: DocumentRoot [/sdisk/waffiles/9a3c5f2e7b4cac8047ff8b0eda2fd680] does not exist
AH00112: Warning: DocumentRoot [/sdisk/waffiles/a511102ede5324bb4b637310963a9414] does not exist
AH00112: Warning: DocumentRoot [/sdisk/waffiles/43d400c215702e62cdcbb687a0e6b755] does not exist
AH00112: Warning: DocumentRoot [/sdisk/waffiles/bdda8e6a9dcfc3221e683593e494f550] does not exist
AH00112: Warning: DocumentRoot [/sdisk/waffiles/eaf6d735fd2e60ca3d293a82fb0e1adf] does not exist
AH00112: Warning: DocumentRoot [/sdisk/waffiles/e91c73fb45b136ce1d8dec3c500d3ad0] does not exist
AH00112: Warning: DocumentRoot [/sdisk/waffiles/a17b4e9c956a70522b3807c4b4b11eb7] does not exist
AH00112: Warning: DocumentRoot [/sdisk/waffiles/5b5a35f45f655ad8da684f4c2b69bd4d] does not exist
AH00526: Syntax error on line 990 of /cfs/waf/reverseproxy.conf:
Invalid encrypted key

The line number hints at a WAF rule, and my workaround to get it working is to change the Protection Policy in the rule's advanced settings to "none".
I have 5 rules out of 18 where I need to do this; the WAF won't start properly until those 5 rules are changed to protection policy "none".

WAF is then automatically starting properly and serving web pages.

And now the strange thing: once I apply the original protection policies to those 5 rules again, it keeps working. But only until the next reboot.

The same happens if I restore a backup. I have to undergo the same process.

Where can I look to investigate further? The rules and the policies affected are very different; I can't figure out a common denominator.



  • Hello Edmund,

    Thank you for contacting the Sophos Community.

    I would recommend that you open a case with Support to get this investigated. The part of the log that says "Invalid encrypted key" makes me think the issue might be related to the secrets module. When opening the case, please mention NC-84574, as this seems to match what you're experiencing.

    Regards,

  • Thanks for the info, but I am using the Home Edition and cannot open a case.

    I could provide the reverseproxy.conf file after booting and the working one.
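
One way to narrow down which rules are involved, as an added example that is not part of the thread and not Sophos code: pull the unique AH00526 errors out of the log and map each reported line number to its enclosing virtual host. It assumes reverseproxy.conf uses the standard Apache `<VirtualHost>` / `ServerName` layout; the sample log, sample config and the directive name `HypotheticalKeyDirective` are constructed.

```python
import re

# Apache reports the failing line on the AH00526 line and the reason on the next line.
ERR_RE = re.compile(r"AH00526: Syntax error on line (\d+) of (\S+):\s*$")

def find_syntax_errors(log_text):
    """Unique (config_path, line_no, reason) tuples; the log repeats them on each retry."""
    lines = log_text.splitlines()
    found = []
    for i, line in enumerate(lines):
        m = ERR_RE.search(line)
        if m:
            reason = lines[i + 1].strip() if i + 1 < len(lines) else ""
            entry = (m.group(2), int(m.group(1)), reason)
            if entry not in found:
                found.append(entry)
    return found

def locate_vhost(conf_text, line_no):
    """Return (vhost_start_line, ServerName, failing_line) for the block enclosing line_no."""
    lines = conf_text.splitlines()
    if not 1 <= line_no <= len(lines):
        raise ValueError("line %d is outside the config" % line_no)
    start = server = None
    hit = False
    for n, raw in enumerate(lines, 1):
        tokens = raw.split(None, 1)
        word = tokens[0].lower() if tokens else ""
        if word.startswith("<virtualhost"):
            start, server = n, None
        elif word == "servername" and start is not None and len(tokens) > 1:
            server = tokens[1].strip()  # may appear after the failing line
        hit = hit or n == line_no
        if hit and (start is None or word.startswith("</virtualhost")):
            break  # outside any block, or reached the end of the enclosing one
        if word.startswith("</virtualhost"):
            start = server = None
    return start, server, lines[line_no - 1].strip()

# Constructed samples: line numbers and hostnames are illustrative only.
SAMPLE_LOG = ("AH00526: Syntax error on line 7 of /cfs/waf/reverseproxy.conf:\n"
              "Invalid encrypted key\n") * 2
SAMPLE_CONF = "\n".join([
    "<VirtualHost *:443>", "    ServerName a.example.test", "    DocumentRoot /tmp/a",
    "</VirtualHost>", "<VirtualHost *:443>", "    DocumentRoot /tmp/b",
    '    HypotheticalKeyDirective "PLACEHOLDER"', "    ServerName b.example.test",
    "</VirtualHost>"])

if __name__ == "__main__":
    for path, line_no, reason in find_syntax_errors(SAMPLE_LOG):
        print(path, line_no, reason, locate_vhost(SAMPLE_CONF, line_no))
```

Running it against the config captured right after boot and again against the working one shows whether the same virtual hosts are flagged each time.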
