1. S

    Do not have root privileges. Executable not set-uid root?

    Hi. I just noticed I cannot get to my site at all. I'm looking at the /usr/local/apache/logs/error_log file and see a whole bunch of weird stuff. When I try going to my site, I get a Too many redirects error, however, I can still successfully access the WHM stuff. Here's what a snippet of...
  2. S

    Issues with modsecurity OWASP and false positives.

    I see in /usr/local/apache/logs/error_logs a lot of error messages. Here's a small chunk. [Mon Jul 18 19:19:34.821609 2016] [:error] [pid 6823] [client] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_HEADERS. [file...
  3. A

    issue with modesecurity not enabling some owasp rules

    I have cpanel/whm 56 build 25, centos 5.11. I have mode security enabled. There are 5 rules (OWASP) not enabled. I try to enable them but they won't enable. It says: Warning: You have successfully enabled some of the configuration files. The files that the system failed to enable are marked...
  4. M

    mod_security Blocking Form Contents

    mod_security Blocking Form Contents (IE: Textboxes containing URL Links) If a TextBox has a URL (starting with HTTP) as its contents, submitting the form triggers a FORBIDDEN error, I have tracked this down to a setting in "mod_security" which is possibly designed to prevent SQL Injection...
  5. H

    Mod_security is being triggered

    Hello, My mod_security is being triggered from last couple of days for few sites. Even the server's IP is also comes in host name in some triggered list. Here are the details of few attacks : 1- Host: Request: GET...
  6. W

    Problem with Modsec after last update

    /etc/cron.hourly/ $ENV{lib::restrict-!-d_ok_in} is deprecated use $lib::restrict::d_ok_in at /usr/local/cpanel/Cpanel/ line 19. $ENV{lib::restrict-!-d_ok_in} is deprecated use $lib::restrict::d_ok_in at /usr/local/cpanel/Cpanel/ line 19. $ENV{lib::restrict-!-d_ok_in}...
  7. N

    Failed to create subdirectories error

    Hi there!! I get a huge amount of errors from apache: ModSecurity: Audit log: Failed to create subdirectories: /usr/local/apache/logs/modsec_audit/nobody/20160530/20160530-1505 (Permission denied) [hostname ""] [uri "xxxx.php"] [unique_id "xxxxxxxxxxxxxxxx"] I'm running apache...
  8. R

    OWASP - mod security export rules status

    Hi How can take a list with active and disabled ID rules ? I want to know the IDs which are currently disabled example id 950120 not the rule group
  9. E

    Nginx with mod_remoteip and mod_security

    Hi I'm using so far nginx as a reverse proxy in front of apache 2.4, PHP 5.6 Everything works great. In the apache log I can see the real ips of the visitors. I use proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-Host $host; proxy_set_header X-Forwarded-Server $host...
  10. S

    Issue with Mod security and SecConnReadStateLimit

    I am trying to use SecConnReadStateLimit directive to limit the number of connections per IP. If I set the limit to be anything smaller than 256, the website is completely unaccessible. For example, if I set it to 100, here is what I saw from the error log: [256] of 100 allowed in READ state...
  11. Osama Tariq

    ModSecurity Logs in cPanel

    Is it possible to display any other logs in cpanel file manager for user end ?
  12. jonh

    ModSecurity disabled but ModSecurity: Access denied with redirection to

    ModSecurity is enabled, I'm not sue what I wasn't seeing the settings pages before. I'm just not sure why one website would be having this issue. It's basically making the website inaccessible. It's a basic wordpress website. It was working fine on another cpanel server just the other day. I...
  13. icandoit

    Need to disable cpanel modsecurity for one folder only

    My chat folder gives so many errors How to disable mod security for only one folder?
  14. S

    ModSecurity + MPM ITK compatibility

    Apache Module: MPM ITK - EasyApache 4 - cPanel Documentation states however Apache Module: ModSecurity - EasyApache - cPanel Documentation states: So is Modsec + MPM ITK compatible in EA3 or EA4? Would use ModRuid2 but no cache/memcache (I presume MPM ITK will work with caching)
  15. N

    Whitelist for Mod Security available?

    Hi guys, Sunday I have installed Mod Security on our VPS (this is our first time we are using Mod Security). Unfortunately it has banned all visitors, except me. This is generally not a problem, but to be honest this time I have no idea how to unban those users. Does anyone have an idea? If I...
  16. sahostking

    cpanel error with modsecurity

    Trying to install mod security vendor which seems to work fine on all our other servers. But one particular server is giving this error: Not sure why but I'm getting this on one server. Probably server issue? How to fix? Error:API failure: The system could not download the file...
  17. F

    Whitelist an IP address in Modsecurity

    How do I whitelist an IP address in Modsecurity ? One of our accounts uses the sucuri firewall and all traffic from sucuri is being blocked in modsecurity.
  18. C

    ModSecurity: Rule processing failed.

    Yet another ModSecurity thread... So as per our other recent post, we've recently switched from our own customized version of the AtomiCorp rules to the OWASP rules provided by cPanel. On all of our servers, /usr/local/apache/logs/error_log is filled with these: [Mon Feb 09 18:51:54...
  19. S

    OWASP - mod security and wordpress

    I updated Cpanel to the version that supports OWASP and enabled it Everything seemed fine on most sites until I tried to edit a wordpress page Various issues including unable to edit pages - editing pages results in odd behavior when I disabled the ruleset - wordpress went back to...
  20. M

    Feature Showcase - ModSecurity - More Information?

    See attachment for what I saw when I attempted to log into WHM recently. However, clicking on the "More Information" link brought me to which then redirected to which doesn't load correctly...