The Community Forums

Interact with an entire community of cPanel & WHM users.
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

mod_ruid2 error

Discussion in 'General Discussion' started by Eduart Milushi, Jul 21, 2014.

  1. Eduart Milushi

    Joined:
    Jul 21, 2014
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Tirana, Albania, Albania
    cPanel Access Level:
    Root Administrator
    Hi there, since i'm new to cpanel and dedicated server i will need some help. I have worked with shared or managed hosting and now i'm running a dedicated server after some days searching i have configured cpanel and apache and php with mud_ruid and then i have installed xCache. But i'm getting an error frequently which is:

    [:error] [pid 9153] mod_ruid2 domain.com GET /themes/elegant/images/mobile_logo.png HTTP/1.1 chdir to /home/dirname/dirname failed

    Need help ASAP thnx
     
  2. Eduart Milushi

    Joined:
    Jul 21, 2014
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Tirana, Albania, Albania
    cPanel Access Level:
    Root Administrator
    Aswell im having these error for mod_security

    Code:
    [Tue Jul 22 06:56:52.274390 2014] [:error] [pid 11157] [client ***.***.***.*] ModSecurity: Access denied with code 406 (phase 2). Match of "rx ^apache.*perl" against "REQUEST_HEADERS:User-Agent" required. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "59"] [id "1234123429"] [msg "Request Indicates an automated program explored the site"] [severity "NOTICE"] [hostname "domain.com"] [uri "/gag/e21Ptfg"] [unique_id "U85DdLhrkvIAACuVRQ8AAAAC"]
    
    [Tue Jul 22 06:21:40.884009 2014] [:error] [pid 1511] [client ***.***.***.*] ModSecurity: Audit log: Failed to create subdirectories: /usr/local/apache/logs/modsec_audit/shomtek/20140722/20140722-0621 (Read-only file system) [hostname "domain.com"] [uri "/gag/JUNoSmr"] [unique_id "U847NLhrkvIAAAXnDYkAAAAa"]
    - - - Updated - - -

    Please if someone have any suggestions i will really appreciate it cuz i'm having a lot of problems when having more than 1000 user online :( the server take about 30 sec or more to load but the ram and other physic parameters are good
     
  3. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,723
    Likes Received:
    660
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello :)

    Could you let us know the permission/ownership values on the directory that's referenced in the error message from your initial post? Also, your second post indicates a Read-only file system. Can you create new files on each partition? EX:

    Code:
    touch /usr/testfile123
    Thank you.
     
  4. Eduart Milushi

    Joined:
    Jul 21, 2014
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Tirana, Albania, Albania
    cPanel Access Level:
    Root Administrator
    Hi there, Thnx for the replay.

    The permission for the folder are as below

    Device: 902h/2306d Inode: 50334845 Links: 14
    Access: (0711/drwx--x--x) Uid: ( 0/ rootuser) Gid: ( 514/ cpaneluser)

    I dint understand your second answer :(

    I typed on ssh
    ' touch /usr/testfile123 ' and then try to cd on that directory and i got this
    ' /usr/testfile123: Not a directory '

    - - - Updated - - -

    As well im having this error and when the website has more than 1000 vsits at one time it need more than 30 sec to load :(
    Code:
    [Tue Jul 22 10:42:21.022249 2014] [:error] [pid 5207] [client 213.207.57.239] ModSecurity: Access denied with code 406 (phase 2). Pattern match "(?:\\\\b(?:(?:type\\\\b\\\\W*?\\\\b(?:text\\\\b\\\\W*?\\\\b(?:j(?:ava)?|ecma|vb)|application\\\\b\\\\W*?\\\\bx-(?:java|vb))script|c(?:opyparentfolder|reatetextrange)|get(?:special|parent)folder|iframe\\\\b.{0,100}?\\\\bsrc)\\\\b|on(?:(?:mo(?:use(?:o(?:ver|ut)|down|move|up)|ve)| ..." at REQUEST_HEADERS:Cookie. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "120"] [id "1234123449"] [msg "Cross-site Scripting (XSS) Attack"] [data "<iframe"] [severity "CRITICAL"] [tag "WEB_ATTACK/XSS"] [hostname "500gag.com"] [uri "/themes/elegant/images/favicon_custom.png"] [unique_id "U854TLhrkvIAABRXgigAAACh"]
    
     
  5. Eduart Milushi

    Joined:
    Jul 21, 2014
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Tirana, Albania, Albania
    cPanel Access Level:
    Root Administrator
    The folder is /virtfs/ and the permissions are as follow:

    Code:
     Access: (0711/drwx--x--x)  Uid: (    0/    rootuser)   Gid: (  514/ cpaneluser) [code]
    
    and for the second answer i didn't understand it very well, but i have typed on ssh[code]  touch /usr/testfile123 
    and nothing happened then i try to cd to that and i got this
    Code:
     /usr/testfile123: Not a directory 
    - - - Updated - - -

    i'm receiving this error as well:

    Code:
     [Tue Jul 22 10:42:21.022249 2014] [:error] [pid 5207] [client ***.***.**.***] ModSecurity: Access denied with code 406 (phase 2). Pattern match "(?:\\\\b(?:(?:type\\\\b\\\\W*?\\\\b(?:text\\\\b\\\\W*?\\\\b(?:j(?:ava)?|ecma|vb)|application\\\\b\\\\W*?\\\\bx-(?:java|vb))script|c(?:opyparentfolder|reatetextrange)|get(?:special|parent)folder|iframe\\\\b.{0,100}?\\\\bsrc)\\\\b|on(?:(?:mo(?:use(?:o(?:ver|ut)|down|move|up)|ve)| ..." at REQUEST_HEADERS:Cookie. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "120"] [id "1234123449"] [msg "Cross-site Scripting (XSS) Attack"] [data "<iframe"] [severity "CRITICAL"] [tag "WEB_ATTACK/XSS"] [hostname "500gag.com"] [uri "/themes/elegant/images/favicon_custom.png"] [unique_id "U854TLhrkvIAABRXgigAAACh"]
    
     
  6. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,723
    Likes Received:
    660
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello :)

    Please feel free to open a support ticket if you want us to take a closer look. You can post the ticket number here so we can update this thread with the outcome.

    Thank you.
     
Loading...

Share This Page