Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Mod_Security thinks user/tmp is main /tmp and blocking ?

Discussion in 'Security' started by jeroman8, Aug 26, 2008.

  1. jeroman8

    jeroman8 Well-Known Member

    Joined:
    Mar 14, 2003
    Messages:
    410
    Likes Received:
    0
    Trophy Points:
    166
    Hello!

    Mod_security is reading commands wrong or something is really messed
    up with apache/php cause it's the wrong /tmp path used.

    Domain/Account BBBB.com is trying to create a session file but is blocked
    by mod_secuity cause it say BBBB.com is trying to create the file in
    AAA accounts /tmp folder!

    [Mon Aug 25 23:12:26 2008] [error] [client xxx]
    mod_security: Access denied with code 406. read_post_payload:
    Failed to create file "/home/AAA/tmp/xxxxrequest_body-PQp5Xo"
    because 13("Permission denied") [hostname "BBBBB.com"] [uri "/admin/categories.php?action=insert_category&cPath=154"]

    BBBB has it's own /tmp and home folder and is not realted to AAA at all.
    But it's not only BBBB being blocked due to this, it a lot of accounts.

    I restarted mysql and apache and it helped.


    What happened ?
    Something with mod_Sec mysql maybe ?
    Why did mod_sec think they all wanted to use AAA /tmp folder ?
    or did they really trying that .....

    (edit) NOTE: /tmp path in php is set to /tmp all the time
     
  2. smisha

    smisha Registered

    Joined:
    Mar 6, 2007
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    151
    For me the issue is fixed by uncommenting 'session.save_path = /tmp' in php.ini :)
     
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice