when I upload a File, return a HTTP error, I thought is a permision directory, but in the Apache.error.log
[:error] [pid 15697] [client 84.127.226.119:57773] [client 84.127.226.119] ModSecurity: Access denied with code 406 (phase 2). Pattern match "^POST$" at REQUEST_METHOD. [file "/etc/modsecurity/custom/20_bruteforce.conf"] [line "44"] [id "210"] [msg "Accept header required"] [hostname "www.adginteriorismo.com"] [uri "/admin/uploadify/uploadify.php"] [unique_id "WHicpFJihsAAADqYz0UAAAAD"]
How I can Fix this?
You have ModSecurity installed and have configured it with a rule to not allow POST requests.
ModSecurity is a Web Application Firewall (WAF) add on to Apache and can be quite complicated to understand.
Easiest option is to comment out that rule (line 44 in /etc/modsecurity/custom/20_bruteforce.conf) and restart Apache - though maybe someone added that rule for a good reason.
Related
I want to prevent Apache 2.4 from logging 403 errors.
Conditional logging is described in https://httpd.apache.org/docs/2.4/logs.html, but this refers to the access log.
In httpd.conf, I tried:
ErrorLogFormat "%!403[%t] [%l] [pid %P] %F: %E: [client %a] %M"
Nope. I tried several variations, but Apache still gives an error. Maybe, conditional logging is not possible in the error log?
I have only allowed GET, POST methods in my apache server. It shows lot of times error like below which is of no use to me. How can I block these errors to come in apache error log
[Mon Aug 22 18:43:27.232168 2016] [allowmethods:error] [pid 19314:tid 139797637039872] [demowebsite.com] [client 224.0.0.0:80] AH01623: client method denied by server configuration: 'PURGE' to /var/www/demowebsite/
I also want to know what is causing it. I am using apache 2.4 + php 5.5 + mod_pagespeed + varnish.
Please help me.
Since you seem to be using Apache 2.4.X
Just by setting:
LogLevel allowmethods:crit
you will be rising the level necessary to log to error log to critical level in that module so they won't show up for errors.
When I try to run my website it shows a 500 internal server error :
Internal Server Error
The server encountered an internal error or misconfiguration and was unable to complete your request.
Please contact the server administrator at webmaster#example.com to inform them of the time this error occurred, and the actions you performed just before this error.
More information about this error may be available in the server error log.
Additionally, a 500 Internal Server Error error was encountered while trying to use an ErrorDocument to handle the request.
Error log says :
[cgi:error] [pid 13006] [client 141.101.104.167:28335] AH01215: suexec policy violation: see suexec log for more details: /home/myweb/public_html/cgi-bin/index.cgi
[cgi:error] [pid 13006] [client 141.101.104.167:28335] End of script output before headers: index.cgi
And Suexec log says :
[2016-04-23]: uid: (500/myweb) gid: (500/myweb) cmd: index.cgi
[2016-04-23]: error: target uid/gid (500/500) mismatch with directory (500/500) or program (0/0) or trusted user (0/10)
Since the problem seems from suexec I decided to check at it, so in WHM/Configure PHP and suEXEC I found it's status On, I disabled it and try to run website again but nothing changes, I enabled it again but website still cannot running.
I went to /usr/local/apache/conf/httpd.conf and removed the directive :
<IfModule !mod_disable_suexec.c>
<IfModule !mod_ruid2.c>
SuexecUserGroup myweb myweb
</IfModule>
</IfModule>
But that didn't solve the problem and the website still shows 500 internal server error
I changed te permission of /home/myweb/public_html/cgi-bin/ from 777 to 755 then to 775 but the problem still exist.
Can you help me to solve this problem.
change the permissions to 755 for all your files
and enjoy !
The problem is the un-appropriate permissions
We're running mod_perl on Apache 2 and get seemingly random header related errors that we just can't figure out. Due to the nature of the site we get hit by a ton of bots, so I'm thinking these are caused by bad or malformed requests from bots, but I'd like to figure it out for sure one way or another so I know where to go from here. Here's an example of the 2 most common errors we see in the logs:
[Thu Nov 13 21:40:48 2014] [warn] /whatever did not send an HTTP header
[Thu Nov 13 21:40:48 2014] [error] [client x] malformed header from script. Bad header=\x86z\x03d\x86z\x03d\x86z\x03d\x86z\x03d\x86z\x03d\x86z\x03d\x86z\x03d\x86z: index.cgi
[Fri Nov 14 00:04:17 2014] [warn] /whatever did not send an HTTP header
[Fri Nov 14 00:04:17 2014] [error] [client x] Premature end of script headers: index.cgi
We get 100s of 1,000s of requests to these same URLs daily, and they work fine 99.999% of the time. I don't believe it's our scripts - we always output correct headers. No real users have ever complained about any errors on our site, etc. so I'm hoping this is just caused by some bad requests from bots.
And if so, what if anything can we do to make these stop? It's a real pain because these errors trip our monitoring systems and my techie gets about 20-30 fake error alerts every day.
Turns out it was a problem with Safari browsers and mod_deflate compression.
The simple solution:
BrowserMatch Safari gzip-only-text/html
I'm getting the following errors in my erorr.log file on every request
[Fri Jan 29 14:44:17 2010] [debug] mod_deflate.c(619): [client 10.128.99.99] Zlib: Compressed 6025 to 1847 : URL
about 2 gigs worth (high load server)
any idea what this error is referring to?
Make sure you only have LogLevel specified once, or that you're changing it for the correct virtual host. And you'll need to kick apache of course.
doh! just found it... someone had set a specific error log for this particular virtual host and the loglevel was set to debug.