The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Can't execute two Perl scripts after tweaking server security.

Discussion in 'Security' started by SuperBaby, Jan 20, 2005.

  1. SuperBaby

    SuperBaby Well-Known Member

    Joined:
    Nov 27, 2003
    Messages:
    331
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Thailand
    cPanel Access Level:
    Website Owner
    Twitter:
    I did some server tweaking plus installing mod_security. Now I cannot run two Perl scripts from browser. But I get no error when I do "perl script.cgi" from shell. The chmod values are correct and the scripts not corrupted. I reverted the security setting and disabled mod_security but the scripts still failed from shell. Error log said something like premature header. Any idea?
     
  2. HostMerit

    HostMerit Well-Known Member

    Joined:
    Oct 24, 2004
    Messages:
    160
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    New Jersey, USA
    cPanel Access Level:
    DataCenter Provider
    You might have enabled phpSuexec, which is giving you premature error. Also your chmod settings might be incorrect, try chmodding to 755, or 600. You can easily fix the issue of mod_security by editing your conf, it may be by default located at /usr/local/apache/logs/mod_security.conf, or the IfModule may be included in httpd.conf, just disable a setting that should look like the below:

    SecFilter "perl/x20script.cgi"

    and remove the above, that should allow it to run, also, look for:

    SecFilter "perl/x20"

    Which may also be there, limiting it.

    Check out my version of mod_security conf: http://kris.nu/mod_security.conf
     
  3. SuperBaby

    SuperBaby Well-Known Member

    Joined:
    Nov 27, 2003
    Messages:
    331
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Thailand
    cPanel Access Level:
    Website Owner
    Twitter:
    You might have enabled phpSuexec, which is giving you premature error.
    :) How do you disabled phpSuexec? I did that under WHM >> Service Config >> Disable suexec .... but still get Error 500.

    Also your chmod settings might be incorrect, try chmodding to 755, or 600.
    :) Both 755 and 600 gave Error 500 still.

    SecFilter "perl/x20script.cgi"
    :) Can't find this line under my httpd.conf

    SecFilter "perl/x20"
    :) I have comment-out this line early in the beginning. This is the only thing that I comment-out of default settings.

    Thanks for helping.
     
  4. SuperBaby

    SuperBaby Well-Known Member

    Joined:
    Nov 27, 2003
    Messages:
    331
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Thailand
    cPanel Access Level:
    Website Owner
    Twitter:
    Forgot to say this:

    I earlier tried to comment out ALL filters in mod_security and the scripts still failed. So I guess it has nothing got to do with mod_security. The scripts give no error when running from shell (either as Root or subuser). It only give Error 500 when viewed with a browser. Error log said something like "premature header".

    That is the clue.
     
Loading...

Share This Page