To fix this for sure, do one of these:
Table of Contents
1️⃣ Restore or recreate the missing OWASP3 folder
If /etc/apache2/conf.d/modsec_vendor_configs/OWASP3.bak exists, rename it back:
bash
mv /etc/apache2/conf.d/modsec_vendor_configs/OWASP3.bak /etc/apache2/conf.d/modsec_vendor_configs/OWASP3
Then:
bash
/scripts/rebuildhttpdconf
/scripts/restartsrv_httpd
/scripts/restartsrv_httpd
2️⃣ Reinstall OWASP ModSecurity Core Rule Set via WHM
-
In WHM:
Security Center > ModSecurity Vendors -
Find OWASP ModSecurity CRS and click Install.
-
This will restore the missing folder/files.
Then run via SSH:
bash
/scripts/rebuildhttpdconf
/scripts/restartsrv_httpd
/scripts/restartsrv_httpd
3️⃣ Temporarily disable the OWASP3 include in the Apache config
Edit the file:
bash
nano /etc/apache2/conf.d/modsec/modsec2.cpanel.conf
Locate the line (around line 27):
apache
Include “/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/crs-setup.conf”
Comment it out by adding a # at the start:
apache
# Include “/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/crs-setup.conf”
Save and exit.
Then rebuild Apache config and restart:
bash
/scripts/rebuildhttpdconf
/scripts/restartsrv_httpd
/scripts/restartsrv_httpd
After Apache successfully restarts, you can then:
-
Fix your PHP upload size settings in WHM.
-
Re-enable OWASP3 rules properly later if needed.
If none of these work or you get permission errors, please share the exact commands you ran and their output — I can guide you step-by-step.