1. Advertising
    y u no do it?

    Advertising (learn more)

    Advertise virtually anything here, with CPM banner ads, CPM email ads and CPC contextual links. You can target relevant areas of the site and show ads based on geographical location of the user if you wish.

    Starts at just $1 per CPM or $0.10 per CPC.

Getting 404 error after enabling modsecurity

Discussion in 'Web Hosting' started by thenetedge, Mar 20, 2019.

  1. #1
    Hi,

    I have Cpanel/WHM. I have enabled modsecurity on my whm server. After enabling it I have started getting 404 not found error in some of the operations of my admin area.

    How can I resolve it ?
     
    thenetedge, Mar 20, 2019 IP
  2. UnderHost_MSA

    UnderHost_MSA Notable Member

    Messages:
    1,194
    Likes Received:
    10
    Best Answers:
    0
    Trophy Points:
    200
    #2
    I assume you have some knowledge of Linux server/cPanel, you will need to check mod_security logs and check the rules that your script get caught with and disabled or rearrange mod_security rules accordingly.

    Usually
    /etc/apache2/logs/modsec_audit.log

    Do you use your own rules or using waf or another free modsec rules?

     
    UnderHost_MSA, Apr 3, 2019 IP
  3. dts-net

    dts-net Well-Known Member

    Messages:
    71
    Likes Received:
    3
    Best Answers:
    0
    Trophy Points:
    175
    #3
    also contact cpanel support
     
    dts-net, Apr 9, 2019 IP
  4. EvoWRZ®

    EvoWRZ® Notable Member

    Messages:
    741
    Likes Received:
    26
    Best Answers:
    0
    Trophy Points:
    210
    #4
    That error has nothing to do with mod_security, better check the file is in there or not.
     
    EvoWRZ®, Mar 12, 2020 IP
  5. SolaDrive

    SolaDrive Well-Known Member

    Messages:
    122
    Likes Received:
    4
    Best Answers:
    0
    Trophy Points:
    153
    #5
    Try using the OWASP ruleset instead, it's usually a lot less problematic.

    Also try tail -f /usr/local/apache/logs/error_log and replicate the issue at the same time. It should shed some light on the issue.

    But the issue is most likely caused by a rule you have that is breaking your front end, 404's are usually the end result of a 5xx error. So check the error using the above method and then find the rule causing it in /etc/httpd/conf/modsec2.conf
     
    SolaDrive, Mar 18, 2020 IP
  6. monovm

    monovm Active Member

    Messages:
    29
    Likes Received:
    2
    Best Answers:
    0
    Trophy Points:
    73
    #6
    First, it is better to check the ModSecurity rules via ConfigServer ModSecControl inside the WHM. If you don't find the abnormal configuration, check the ModSecurity logs.
    /usr/local/apache/logs/modsec_audit.log
    If you send the logs here, we can advise better. Most probably, you have a permission problem in the directories.
     
    monovm, Aug 3, 2022 IP