Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

ModSecurity Rule 9724108 PCRE limits exceeded

Discussion in 'EasyApache' started by inthukha, Aug 3, 2013.

  1. inthukha

    inthukha Well-Known Member

    Joined:
    Jul 17, 2013
    Messages:
    61
    Likes Received:
    0
    Trophy Points:
    6
    cPanel Access Level:
    Root Administrator
    Hello,

    During browsing of few my website APache error logs generate the following errors on every website:


    Code:
    [Sat Aug 03 19:56:45 2013] [error] [client 22.323.24.18] ModSecurity: Rule 9724108 [id "390149"][file "/usr/local/apache/conf/modsec_rules/50_asl_rootkits.conf"][line "113"] - Execution error - PCRE limits exceeded (-8): (null). [hostname "www.domain.com"] [uri "/index.php"] [unique_id "Uf0aLS6lzfMAABQWJ70AAAAH"]
    Its happen after i rebuild the apache with PHP 5.4.17, i have integrated Atomic rule and it was running perfect with last PHP build 5.3.25.

    Please advise, how can i fix this error ?
     
    #1 inthukha, Aug 3, 2013
  2. kernow

    kernow Well-Known Member

    Joined:
    Jul 23, 2004
    Messages:
    920
    Likes Received:
    13
    Trophy Points:
    168
    cPanel Access Level:
    Root Administrator
    Try this, WHM>>>mod security>>>edit config and add/check for the following:
    SecPcreMatchLimit 100000
    SecPcreMatchLimitRecursion 100000
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #2 kernow, Aug 4, 2013
  3. 24x7server

    24x7server Well-Known Member

    Joined:
    Apr 17, 2013
    Messages:
    1,872
    Likes Received:
    89
    Trophy Points:
    78
    Location:
    India
    cPanel Access Level:
    Root Administrator
    If you are still getting the same issues try to add following value on your server

    Php.ini file
    Code:
    pcre.backtrack_limit = 10000000
pcre.recursion_limit = 10000000
    modsec2.user.conf file
    Code:
    SecPcreMatchLimit 150000
SecPcreMatchLimitRecursion 150000
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #3 24x7server, Aug 5, 2013
  4. inthukha

    inthukha Well-Known Member

    Joined:
    Jul 17, 2013
    Messages:
    61
    Likes Received:
    0
    Trophy Points:
    6
    cPanel Access Level:
    Root Administrator
    Hello,

    Thank you, i have added the changes within PHP.INI and modsec2.user.conf. and placed the both within them.

    one question, Atomic rule are auto updated ? or i need to update them ? if yes so How ? and once they updated or php upgraded should i need to place this changes again ?


    Thanks
     
    #4 inthukha, Aug 5, 2013
  5. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    44,802
    Likes Received:
    1,895
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello :)

    It's important to keep in mind that these are custom Mod_Security rules provided by Atomicorp. An error or warning message related to these rules is more likely the result of a problem with the custom rules, as opposed to an issue with EasyApache or Mod_Security itself. You can find support for their custom rules at their website:

    Atomicorp/GotRoot Realtime Modsecurity Rules Support

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #5 cPanelMichael, Aug 5, 2013
(You must log in or sign up to post here.)
Loading...
Similar Threads - ModSecurity Rule 9724108
  1. lukekenny

    New Thread ModSecurity Rule Triggered by autodiscover

    lukekenny, Oct 14, 2018 at 5:11 AM, in forum: Security
    Replies:
    0
    Views:
    35
    lukekenny
    Oct 14, 2018 at 5:11 AM
  2. Volt55

    ModSecurity add & remove rule for a domain

    Volt55, Sep 16, 2018, in forum: Security
    Replies:
    2
    Views:
    99
    linux4me2
    Sep 17, 2018
  3. niceboy

    disable/enable a modsecurity rule thru ssh

    niceboy, Aug 4, 2018, in forum: EasyApache
    Replies:
    2
    Views:
    145
    cPanelMichael
    Aug 6, 2018
  4. ::Gomez::

    Why are modsecurity rules not installed by default?

    ::Gomez::, Jan 24, 2018, in forum: Security
    Replies:
    6
    Views:
    424
    quizknows
    Jan 24, 2018
  5. UmairSYS

    ModSecurity Rules and Alt Languages

    UmairSYS, Dec 19, 2017, in forum: Security
    Replies:
    12
    Views:
    728
    cPanelMichael
    Feb 28, 2018

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...
    Dismiss Notice