Ubuntu

Apache upgrade problem with OSSEC wui

Asked by Vanessa Pareja

As company compliance to Requirement 10 of PCI DSS, I recently installed a File Integrity Monitoring system using OSSEC HIDSi and it's been up and running. We are also required to conduct internal vulnerability scan with our network to comply with Requirement 11 and so I used Nexpose Rapid7. After scanning, report says that Linux server running OSSEC is vulnerable through its outdated Apache server (version 2.22) and suggest to upgrade it to version 2.4. Apache server is required for the OSSEC wui as well as PHP module (libapache2-mod-php5). I upgraded Apache and removed PHP module and try to install it again but I got these error:

$ sudo apt-get --purge remove libapache2-mod-php5
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following packages were automatically installed and are no longer required:
  linux-headers-3.2.0-29 linux-headers-3.2.0-29-generic apache2-mpm-prefork
  php5-cli php5-common
Use 'apt-get autoremove' to remove them.
The following packages will be REMOVED:
  libapache2-mod-php5*
0 upgraded, 0 newly installed, 1 to remove and 74 not upgraded.
After this operation, 0 B of additional disk space will be used.
Do you want to continue [Y/n]? y\
(Reading database ... 166673 files and directories currently installed.)
Removing libapache2-mod-php5 ...
Purging configuration files for libapache2-mod-php5 ...

$ sudo apt-get install libapache2-mod-php5
Reading package lists... Done
Building dependency tree
Reading state information... Done
Some packages could not be installed. This may mean that you have
requested an impossible situation or if you are using the unstable
distribution that some required packages have not yet been created
or been moved out of Incoming.
The following information may help to resolve the situation:

The following packages have unmet dependencies:
 libapache2-mod-php5 : Depends: apache2.2-common but it is not going to be installed
E: Unable to correct problems, you have held broken packages.

From what I understand, libapache2-mod-php5 only works with Apache 2.2, so I cannot upgrade Apache to 2.4? Is there any workaround here?

Question information

Language:
English Edit question
Status:
Solved
For:
Ubuntu Edit question
Assignee:
No assignee Edit question
Solved by:
actionparsnip
Solved:
Last query:
Last reply:
Revision history for this message
Manfred Hampl (m-hampl) said : 		#1

apache2.4 is not yet available on Ubuntu, there are just a few PPAs trying to provide that version.

You have to find a version of libapache2-mod-php5 that works with apache 2.4.
Maybe you can find such package in one of the PPAs or at another site, or you have to compile such package yourself.

Maybe the source where you downloaded apache 2.4 can help you further.

Revision history for this message
Vanessa Pareja (vanessa-pareja) said : 		#2

I upgraded Apache using PPA but I don't know how to get the libapache2-mod-php5 that can work with Apache 2.4. I'm still searching though.

Revision history for this message
Best actionparsnip (andrew-woodhead666) said : 		#3

I suggest you contact the PPA maintainer.

Revision history for this message
Vanessa Pareja (vanessa-pareja) said : 		#5

I contacted the PPA maintainer and he created libapache2-mod-php5 builds compatible with Apache 2.4.

See it here https://launchpad.net/~nathan-renniewaldock/+archive/apache2.4-php

apt-add-repository ppa:nathan-renniewaldock/apache2.4-php
apt-get update
apt-get install apache2 libapache2-mod-php5

Apache 2.4 and libapache2-mod-php5 were installed successfully.