Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

failed to lock global mutex

Discussion in 'Security' started by keat63, Jun 20, 2017.

Tags:
  1. keat63

    keat63 Well-Known Member

    Joined:
    Nov 20, 2014
    Messages:
    981
    Likes Received:
    41
    Trophy Points:
    28
    cPanel Access Level:
    Root Administrator
    I've spent a good few hours trying to find an answer to this, but I'm struggling.

    Can anyone explain what this meas in apache logs.

    [Tue Jun 20 14:13:28.316922 2017] [:error] [pid 18909] [client xxx.xxx.xxx.xxx] ModSecurity: Audit log: Failed to lock global mutex: Invalid argument [hostname "mydomain.com"] [uri "/cgi-sys/ea-php56/index.php"] [unique_id "WUkfdwhdWs2BJ4nkeYY4RAAAAAE"]
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    43,711
    Likes Received:
    1,791
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. keat63

    keat63 Well-Known Member

    Joined:
    Nov 20, 2014
    Messages:
    981
    Likes Received:
    41
    Trophy Points:
    28
    cPanel Access Level:
    Root Administrator
    These are similar to the ones I found. Unfortunately, they all appear to be related to Ruid2, which I don't currently use.
    Also, they mention "Permission denied" whereas I'm seeing "Invalid Argument"
     
  4. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    43,711
    Likes Received:
    1,791
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    Are you using MPM ITK?

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  5. keat63

    keat63 Well-Known Member

    Joined:
    Nov 20, 2014
    Messages:
    981
    Likes Received:
    41
    Trophy Points:
    28
    cPanel Access Level:
    Root Administrator
    I'm not using that either, I'm using SUExec
     
  6. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    43,711
    Likes Received:
    1,791
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    Feel free to open a support ticket using the link in my signature if you'd like us to take a closer look at the affected system.

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  7. keat63

    keat63 Well-Known Member

    Joined:
    Nov 20, 2014
    Messages:
    981
    Likes Received:
    41
    Trophy Points:
    28
    cPanel Access Level:
    Root Administrator
    Ticket 8634193
     
  8. keat63

    keat63 Well-Known Member

    Joined:
    Nov 20, 2014
    Messages:
    981
    Likes Received:
    41
    Trophy Points:
    28
    cPanel Access Level:
    Root Administrator
    support says:

    It appears that this is occurring when too many multiple entries are trying to be added to the modsec_audit log simultaneously and one cannot receive a file lock.

    This doesn't appear to be happening all the time. Based on what I see it's likely when a traffic spike happens.

    I checked the configuration in Home >> Security Center >>ModSecurity Configuration >> Configure Global Directives and it looks like you are logging all mod_security events to the Audit log.

    If you reduce the logging level you will likely see this error less ( if at all) since Apache won't be consistently writing to the mod_security audit log.

    Logging only noteworthy transactions would be the recommended setting in my opinion. You can always turn up the logging level later if you ever need it. In my experience the audit logs are only needed when troubleshooting an issue.
     
    cPanelMichael likes this.
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice