ModSecuirty "/var/cpanel/secdatadir/ip"
ModSecurity: collection_store: Failed to access DBM file "/var/cpanel/secdatadir/ip": Permission denied
So, this error is a bit weird. First, just to be clear, "/var/cpanel/secdatadir/ip" is not a file. So, if you go looking for it, you will not find it. There is a directory "/var/cpanel/secdatadir/" The solution appears to be to remove mod_ruid2 or disable every IP rule in mod_security. An alternate solution is to make a fix with the permissions. secdatadir needs to be some place that apache (nobody) had execute to, so it can see the directory. I created /home/secdatadir and chowned it to nobody:nobody. Then I chmoded the files that were created in there to 777. I udpated mod_security to: ##SecDataDir "/var/cpanel/secdatadir"
SecDataDir "/home/secdatadir"
This allows this functionality to start working again. The log works fine. Not happy about the 777 files, but at least the log and IP scanning is working again.
-
So, this error is a bit weird. First, just to be clear, "/var/cpanel/secdatadir/ip" is not a file. So, if you go looking for it, you will not find it. There is a directory "/var/cpanel/secdatadir/"
Hello, Could you verify the specific error message you are referring to? Thanks!0 -
Hello, Thank you for clarifying. Note that for your workaround, you should be able to define the custom path for the "SecGeoLookupDb" directive via the following option if you prefer to use the WHM UI: "WHM Home " Security Center " ModSecurity" Configuration " Configure Global Directives" Thank you. 0 -
Thanks, I didn't even know about that! 0 -
It's been long known there are issues with RUID and any rules using collections (ip.pag, ip.dat, user.pag etc). due to the multiple user IDs running apache trying to write the same log file. Thankfully not that many rules really need these aside from counters / brute force / tracking rules. You can still run a pretty solid WAF without this feature. 0
Please sign in to leave a comment.
Comments
5 comments