Failed to access DBM file Permission denied

CentOS 7.5 WHM 72.0 Apache 2.4 suphp (7.1)

Logs are filling with this, following a server migration. Logs never showed that on the older server, same configuration (at least what I think it is, but obviously SOMETHING is different now) :

ModSecurity: collections_remove_stale: Failed to access DBM file "/var/cpanel/secdatadir/global": Permission denied

No, I do not use mod_ruid2

 

No, because: ls: cannot access /var/cpanel/secdatadir/global: No such file or directory

 

[root@secure ~]# ls -lah /var/cpanel/secdatadir/
total 16K
drwxrwx--T 2 root nobody 4.0K Jul 30 12:00 .
drwx--x--x 106 root root 12K Jul 30 12:42 ..
-rw-r----- 1 root root 0 Jul 23 21:34 global.dir
-rw-r----- 1 root root 0 Jul 23 21:34 global.pag
-rwxr-xr-x 1 nobody nobody 0 Jul 30 12:00 ip.dir
-rwxr-xr-x 1 nobody nobody 0 Jul 30 12:00 ip.pag

 

FINALLY. Thank god, this will give a break to the hard drives... now please cPanel, can anybody add these 2 aforementioned commands to the WHM installation process?

THANK GOD (and/or @cPanelLauren !) this is resolved ;-)

Please mark as resolved. Why so fast? Because the second I chown'ed the previously mentioned files, hundreds of these lines a second stopped filling up the log :P

 

The server's hard drives were partitioned, formated and its OS (CentOS 7.5) was installed on wednesday the 25th (5 days ago). No sites were running on this server before cPanel was installed. Sites were running on the older server for years. Installing cPanel was the very first thing I did immediately after booting successfully in CentOS 7.5 for the first time following the hard drive partitionning and OS installation. Sites were all transferred using the "Transfer Tool" from server-A to server-B both on WHM 72.0 and this transfer process generated a bunch of issues that I still get to slowly fix, many of these were reported as forum posts on here by me over the last 5 days. Some still unresolved SO FEEL FREE TO CHECK THEM OUT! ;-) ;-)

MPM = Apache 2.4 is that what you wanted? Please explain further if this is not what you're after.

OWASP = OWASP ModSecurity Core Rule Set V3.0 / 100% vanilla/default rules set (no additional rule, no custom rule) except that I had to disable 4 rules that are really annoying, almost totally useless and interfering A LOT with my sites, basically generating 100% false positives and blanking out multiple pages of my sites. Something as silly as a script containing $_GET['user']. Rules like these are way too vague/abstract. They restrict a lot and don't block many attacks. It's not like the browser tried to mess with a SESSION var or a COOKIE. It's just a GET parameter... and one that the PHP programmer legitimately wants to use. /end of ranting