Error creating rule: Could not add entry 1.2.3.45.6.7.8 in line XX of file /etc/asl/whitelist to IP list
This means that there is a bogus entry in your /etc/asl/whitelist file. The format of the file is either one IP address per line, or one CIDR per line. For example:
1.2.3.4 5.6.7.8 10.0.0.0/8
Please remove the bogus line, and either run this command on ASL:
asl -f -
Or if you are not using ASL you will need to manually restart apache.
[edit][warn] module security2_module is already loaded, skipping
This error means that apache has tried to load mod_security twice, and is refusing to do so. This is worth investigating because ASL will never try to do this, and this error means that someone or something else has configured apache to do this twice. This could mean that there are two (or more) modsecurity configurations on the system, which will in fact be loaded by apache. Although the module is not loaded, the configuration options will be which could cause all sorts of problems with the system.
Again, ASL will never configure the system to do this, so if you see this error it means someone or something else has added another modsecurity configuration to the system which could cause severe performance problems, could disable key settings, or enable other settings that may conflict with the configuration of modsecurity.
If the module is just configured to load twice, and there are no configuration options then this error may be harmless.
[edit]Address already in use: make_sock: could not bind to address [::]:80
This is a generic error generated by Apache. This message occurs if apache (or some other process) is bound to port 80. This error is not caused by ASL.
In some cases, such as when apache is restarted, the apache init script may not actually shut apache down before starting it. In some other cases, such as if the system is running a processor manager, or a process watchdog, they may restart apache during the restart cycle if Apache takes a long time to stop (the apache "graceful" option may take a long time to shut down all child processes, and this can occur). The process manager may incorrectly (or depending on how you look at the situation, correctly) detect that Apache is "down" and restart it automatically, before the Apache init script can start Apache. This will result in this error which is technically incorrectly.
This can also occur if some other process is listening on port 80. In all cases, when this error message is generated by apache, it means that apache tried to start and tried to bind to port 80 only to find something else (possibly apache) already listening on port 80.
Check to see if apache is already running, by running this command as root:
ps auxwww | grep httpd
If apache is running, you will see an output similar to this:
root 30070 0.0 11.2 572444 227872 ? Ss 16:01 0:01 /usr/sbin/httpd apache 30338 0.0 10.6 445936 215880 ? S 16:01 0:00 /usr/sbin/httpd apache 30339 0.2 13.1 652036 266176 ? S 16:01 0:09 /usr/sbin/httpd apache 30340 0.1 12.7 633744 256844 ? S 16:01 0:09 /usr/sbin/httpd apache 30341 0.2 12.7 641456 257528 ? S 16:01 0:09 /usr/sbin/httpd apache 30342 0.2 12.7 641852 257364 ? S 16:01 0:10 /usr/sbin/httpd apache 30343 0.2 12.7 635864 256688 ? S 16:01 0:09 /usr/sbin/httpd apache 30344 0.2 12.9 644080 261692 ? S 16:01 0:10 /usr/sbin/httpd apache 30345 0.2 12.9 644012 261632 ? S 16:01 0:10 /usr/sbin/httpd apache 30346 0.2 12.4 634564 251056 ? S 16:01 0:12 /usr/sbin/httpd apache 32012 0.1 12.8 644100 259272 ? S 16:31 0:04 /usr/sbin/httpd apache 32013 0.1 12.7 643804 256628 ? S 16:31 0:04 /usr/sbin/httpd apache 32014 0.1 12.6 641456 255712 ? S 16:31 0:04 /usr/sbin/httpd apache 32015 0.1 12.9 645856 262424 ? S 16:31 0:05 /usr/sbin/httpd apache 32016 0.1 11.5 631772 233776 ? S 16:31 0:04 /usr/sbin/httpd apache 32017 0.1 12.7 641424 258196 ? S 16:31 0:04 /usr/sbin/httpd
If you see apache running, you can ignore this error. However, you may want to restart apache again just to make sure whatever changes were applied to apache, to cause it need to be restarted, were applied.
If you do not see apache running, try starting it again. If you continue to get this error, then something else is running on port. You can find out what is listening on port 80 with this command:
netstat -anp | grep :80 | grep LISTEN
The output will look like this:
tcp 0 0 :::80 :::* LISTEN 30070/httpd
The last field "300070/httpd" lists the process ID and process name that is listening on port 80.