The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Apache Status blank

Discussion in 'EasyApache' started by thehostinghut, Jan 15, 2005.

  1. thehostinghut

    thehostinghut Well-Known Member

    Joined:
    Jan 5, 2005
    Messages:
    232
    Likes Received:
    0
    Trophy Points:
    16
    My Apache status page is blank when I click on the link. I searched the fourms and tried uncommented <Location /server-status> and everything below and even add allow local host. Still not working.

    I have installed these items below:

    APF
    BFD
    mod_security
    mod_dosevasive
    chkrootkit

    I don't know if one of the mod scripts messed it up or what.
    Has anyone else had this issue after installing any one of these scripts?

    Apache is running and all sites are up, but I just like eveything to work like it should.

    Thanks,

    Tracy
     
  2. Sinewy

    Sinewy Well-Known Member

    Joined:
    May 15, 2004
    Messages:
    367
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    Sydney, Australia
    cPanel Access Level:
    DataCenter Provider
    Change <Location /server-status> to <Location /whm-server-status> then httpd restart
     
  3. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    ...and check your /etc/httpd/logs/audit_log as I've seen mod_security filters that will prevent you from seeing apache status in WHM.
     
  4. thehostinghut

    thehostinghut Well-Known Member

    Joined:
    Jan 5, 2005
    Messages:
    232
    Likes Received:
    0
    Trophy Points:
    16
    I think it is mod_security that is causing the issue. Does anyone kow how to fix it? Here is some of what is in the log file:

    Content-Type: text/html; charset=iso-8859-1
    ========================================
    Request: 127.0.0.1 - - [15/Jan/2005:00:48:51 -0600] "GET / HTTP/1.0" 406 335
    Handler: (null)
    ----------------------------------------
    GET / HTTP/1.0
    mod_security-message: Access denied with code 406. Pattern match "^$" at HEADER.
    mod_security-action: 406

    HTTP/1.0 406 Not Acceptable
    Connection: close
    Content-Type: text/html; charset=iso-8859-1
    ========================================
    Request: 127.0.0.1 - - [15/Jan/2005:00:50:00 -0600] "GET /whm-server-status HTTP/1.0" 406 352
    Handler: server-status
    ----------------------------------------
    GET /whm-server-status HTTP/1.0
    mod_security-message: Access denied with code 406. Pattern match "^$" at HEADER.
    mod_security-action: 406

    HTTP/1.0 406 Not Acceptable
    Connection: close
    Content-Type: text/html; charset=iso-8859-1
    ========================================
    Request: 127.0.0.1 - - [15/Jan/2005:00:55:01 -0600] "GET /whm-server-status HTTP/1.0" 406 352
    Handler: server-status
    ----------------------------------------
    GET /whm-server-status HTTP/1.0
    mod_security-message: Access denied with code 406. Pattern match "^$" at HEADER.
    mod_security-action: 406

    HTTP/1.0 406 Not Acceptable
    Connection: close
    Content-Type: text/html; charset=iso-8859-1
    ========================================
    Request: 127.0.0.1 - - [15/Jan/2005:00:57:11 -0600] "GET / HTTP/1.0" 406 335
    Handler: (null)
    ----------------------------------------
    GET / HTTP/1.0
    mod_security-message: Access denied with code 406. Pattern match "^$" at HEADER.
    mod_security-action: 406

    HTTP/1.0 406 Not Acceptable
    Connection: close
    Content-Type: text/html; charset=iso-8859-1
    ========================================
    Request: 127.0.0.1 - - [15/Jan/2005:01:00:00 -0600] "GET /whm-server-status HTTP/1.0" 406 352
    Handler: server-status
    ----------------------------------------
    GET /whm-server-status HTTP/1.0
    mod_security-message: Access denied with code 406. Pattern match "^$" at HEADER.
    mod_security-action: 406


    Will I have to go through a mod serurity file and edit it or take out a ban?

    If you need more info please let me know. That was only part of the audit log. I will be looking in the mean time.

    Thanks!!!

    Tracy
     
  5. thehostinghut

    thehostinghut Well-Known Member

    Joined:
    Jan 5, 2005
    Messages:
    232
    Likes Received:
    0
    Trophy Points:
    16
    Ok I put # infront of all of the stuff that deals with mod serurity and now it works.

    I guess I will have to find out where mod security is messing this hole deal up. If anyone knows please tell me so I am not looking for days on this.

    Thanks again,

    Tracy
     
  6. thehostinghut

    thehostinghut Well-Known Member

    Joined:
    Jan 5, 2005
    Messages:
    232
    Likes Received:
    0
    Trophy Points:
    16
    Well I think I have found the line that is causing me issues:

    SecFilterSelective "HTTP_USER_AGENT|HTTP_HOST" "^$"

    The apache status still work it I put # infront of it.

    De we know what that does beside break to status of ever piece of software the calls for it.

    Mod_security breaks thinkgs in lpanel even with this commented out. I will have to play a little.

    But any advice would help.

    Here is my file

    #SecFilterEngine On
    #SecFilterCheckURLEncoding On
    #SecFilterForceByteRange 0 255
    #SecAuditEngine RelevantOnly
    #SecAuditLog logs/audit_log
    #SecFilterDebugLog logs/modsec_debug_log
    #SecFilterDebugLevel 0
    #SecFilterScanPOST On
    #SecFilterDefaultAction "deny,log,status:406"
    #SecFilter /boot
    #SecFilter /dev
    #SecFilter /etc
    #SecFilter /initrd
    #SecFilter /lib
    #SecFilter /lost+found
    #SecFilter /misc
    #SecFilter /mnt
    #SecFilter /proc
    #SecFilter /root
    #SecFilter /sbin
    #SecFilter /scripts
    #SecFilter /tmp
    #SecFilter /usr/local/apache
    #SecFilter /usr/local/cpanel
    #SecFilter /usr/local/mysql
    #SecFilter /var
    #SecFilter /boot/
    #SecFilter /dev/
    #SecFilter /etc/
    #SecFilter /initrd/
    #SecFilter /lib/
    #SecFilter /lost+found/
    #SecFilter /misc/
    #SecFilter /mnt/
    #SecFilter /proc/
    #SecFilter /root/
    #SecFilter /sbin/
    #SecFilter /scripts/
    #SecFilter /tmp/
    #SecFilter /usr/local/apache/
    #SecFilter /usr/local/cpanel/
    #SecFilter /usr/local/mysql/
    #SecFilter /var/
    #SecFilter /bin/cc
    #SecFilter /bin/gcc
    #SecFilter "<[[:space:]]*script"
    #SecFilter "<(.|\n)+>"
    #SecFilter "delete[[:space:]]+from"
    #SecFilter "insert[[:space:]]+into"
    #SecFilter "select.+from"
    #SecFilterSelective "HTTP_USER_AGENT|HTTP_HOST" "^$"

    I don't know if I should have posted that but oh well

    Thanks,

    Tracy
     
    #6 thehostinghut, Jan 15, 2005
    Last edited: Jan 15, 2005
  7. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    That's the nature of the beast, really. Mod_security is a blunt tools, but is very effective. It will always need tweaking for your servers needs and as you've dicovered, it's a matter of finding the filter in questions and commenting it out since it's causing you problems. You've still the others in place working for you and looking around the web and these forums offers up new and alternative filters that you can try out.
     
  8. thehostinghut

    thehostinghut Well-Known Member

    Joined:
    Jan 5, 2005
    Messages:
    232
    Likes Received:
    0
    Trophy Points:
    16
    Well for the moment it did the minamal security option. I will lock it down more later. But it all works like it is.

    I will have to look for some more doc on this when I get the chance.

    Thanks crimpy you hit the nail on the head with this one. I thought it maight have been mod security.

    Tracy
     
Loading...

Share This Page