The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

ModSecurity : collections_remove_stale: Failed deleting collection cpanel

Discussion in 'Discusión en Español' started by migarcia, Apr 21, 2015.

  1. migarcia

    migarcia Well-Known Member

    Joined:
    Nov 16, 2012
    Messages:
    51
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Barcelona
    cPanel Access Level:
    Website Owner
    Elmensajecompleto es este: [Mon Apr 20 12:42:39 2015] [error] [client 85.50.141.200] ModSecurity: collections_remove_stale: Failed deleting collection (name "ip", key "83.52.161.53_d5f8b32725126c86e6aea8241ca0936c5822cfa2"): Internal error [hostname "trapillomarket.es"] [uri "/tienda/themes/trapillomarket/img/bg_bt.gif"] [unique_id "VTTYHi5pFPYAADvkRo4AAAAI"]

    Lo primero que no entiendo, es porque aparecen dos direcciones IP, pero a partir de este mensaje, aparecen una coleccion de errores que terminan ineludiblemente en que CSF & LFD me termine bloqueando la IP del cliente.

    He estado leyendo en Google, y parece que existe un bug en alguna de las reglas de ModSecurity, loque no veo es como puedo desactivar las reglas problematicas desde WHM
    Adjunto el fichero ErrorLog de apache para la IP afectada
     

    Attached Files:

  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    676
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello,

    I noticed the following in the log output you provided:

    Code:
    [Fri Apr 17 18:59:55 2015] [error] [client 83.52.161.53] ModSecurity: Access denied with redirection to http://trapillomarket.es/ using status 302 (phase 4). Pattern match "^5\\\\d{2}$" at RESPONSE_STATUS. [file "/usr/local/apache/conf/modsec_vendor_configs/OWASP/rules/RESPONSE-50-DATA-LEAKAGES.conf"] [line "14"] [id "970901"] [rev "3"] [msg "The Application Returned a 500-Level Status Code"] [data "Matched Data: 500 found within RESPONSE_STATUS: 500"] [severity "ERROR"] [ver "OWASP_CRS/3.0.0"] [maturity "9"] [accuracy "9"] [tag "Host: domain.es"] [tag "WASCTC/WASC-13"] [tag "OWASP_TOP_10/A6"] [tag "PCI/6.5.6"] [hostname "domain.es"] [uri "/tienda/index.php"] [unique_id "VTE8Ci5pFPYAAA77NSIAAAAK"]
    You can disable specific rules (e.g. 970901) for Mod_Security via:

    "WHM Home » Security Center » Hits List"

    Thank you.

    Translation:

    Hola,

    Me di cuenta de lo siguiente en la salida del registro que ya ha proporcionado:

    Code:
    [Fri Apr 17 18:59:55 2015] [error] [client 83.52.161.53] ModSecurity: Access denied with redirection to http://trapillomarket.es/ using status 302 (phase 4). Pattern match "^5\\\\d{2}$" at RESPONSE_STATUS. [file "/usr/local/apache/conf/modsec_vendor_configs/OWASP/rules/RESPONSE-50-DATA-LEAKAGES.conf"] [line "14"] [id "970901"] [rev "3"] [msg "The Application Returned a 500-Level Status Code"] [data "Matched Data: 500 found within RESPONSE_STATUS: 500"] [severity "ERROR"] [ver "OWASP_CRS/3.0.0"] [maturity "9"] [accuracy "9"] [tag "Host: domain.es"] [tag "WASCTC/WASC-13"] [tag "OWASP_TOP_10/A6"] [tag "PCI/6.5.6"] [hostname "domain.es"] [uri "/tienda/index.php"] [unique_id "VTE8Ci5pFPYAAA77NSIAAAAK"]
    Puede desactivar reglas específicas (por ejemplo, 970901) para mod_security través de:

    "Centro de WHM Inicio» Seguridad »Accesos Lista"

    Gracias.
     
  3. migarcia

    migarcia Well-Known Member

    Joined:
    Nov 16, 2012
    Messages:
    51
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Barcelona
    cPanel Access Level:
    Website Owner
    Perfecto! eso era lo que necesitaba, no sabia como desactivar reglas especificas.

    Muchas gracias
     
  4. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    676
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    I am happy to see that information was helpful. Thank you for updating us with the outcome.

    Translation:

    Estoy feliz de ver que la información era útil. Gracias por la actualización con el resultado que usted.
     
Loading...
Similar Threads - ModSecurity collections_remove_stale Failed
  1. migarcia
    Replies:
    4
    Views:
    521

Share This Page