The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Mod_Security thinks user/tmp is main /tmp and blocking ?

Discussion in 'Security' started by jeroman8, Aug 26, 2008.

  1. jeroman8

    jeroman8 Well-Known Member

    Joined:
    Mar 14, 2003
    Messages:
    410
    Likes Received:
    0
    Trophy Points:
    16
    Hello!

    Mod_security is reading commands wrong or something is really messed
    up with apache/php cause it's the wrong /tmp path used.

    Domain/Account BBBB.com is trying to create a session file but is blocked
    by mod_secuity cause it say BBBB.com is trying to create the file in
    AAA accounts /tmp folder!

    [Mon Aug 25 23:12:26 2008] [error] [client xxx]
    mod_security: Access denied with code 406. read_post_payload:
    Failed to create file "/home/AAA/tmp/xxxxrequest_body-PQp5Xo"
    because 13("Permission denied") [hostname "BBBBB.com"] [uri "/admin/categories.php?action=insert_category&cPath=154"]

    BBBB has it's own /tmp and home folder and is not realted to AAA at all.
    But it's not only BBBB being blocked due to this, it a lot of accounts.

    I restarted mysql and apache and it helped.


    What happened ?
    Something with mod_Sec mysql maybe ?
    Why did mod_sec think they all wanted to use AAA /tmp folder ?
    or did they really trying that .....

    (edit) NOTE: /tmp path in php is set to /tmp all the time
     
  2. smisha

    smisha Registered

    Joined:
    Mar 6, 2007
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    0
    For me the issue is fixed by uncommenting 'session.save_path = /tmp' in php.ini :)
     
Loading...

Share This Page