I've enabled all 21 sets of rules and disabled them one by one. I've disabled all 21 sets of rules and enabled them, one by one. Each step checking for that message in: /usr/local/apache/logs/modsec_audit.log and finding it.I'm wondering about this too. Does anyone know how to disable the particular rule that is causing the "Rule processing failed" issue?
I am experiencing this problem with neither Mod_Ruid2 or MPM-ITK or mod_fcgid. I am using WHM 11.48.1 (build 2) and Apache 2.4.12 and php 5.4.38 (just ran easy apache to be sure all was up to date with minor versions).Just to clarify, do you experience this problem, and at the same time do not utilize Mod_Ruid2 or MPM-ITK?
Just for clarification, when you say that there is an internal case and give us the number, is there a way that we can monitor the progress or ideally get some work around or additional diagnostic. Still have all modsecurity turned off as to all the problems this has caused, but do not think that is a interim reasonable solution.This thread has been noted in internal case number 163393 so ensure our developers are aware of this thread.
Yes, I think so, because I disabledFrom googling it looks like a problem with the geo database?
The internal case is not viewable to the public. It's provided as a reference so you can monitor our change log and determine when a resolution or change has been implemented. There's currently no update to this case, but I will update this thread with more information should it become available.Just for clarification, when you say that there is an internal case and give us the number, is there a way that we can monitor the progress or ideally get some work around or additional diagnostic. Still have all modsecurity turned off as to all the problems this has caused, but do not think that is a interim reasonable solution.
I know cPanel has competing priorities, but after wasting hours on this (GeoIP rule didn't do it for me), placing a support ticket that said it was out of scope to config modsecurity and watching this thread, the tradgedy is that people give up and leave modsec disabled. Including modsec seems to be a priority for cPanel, hope making it work (with common configs) is also a priority ....Two years later and we are still seeing this issue with modsecurity and ruid2? What a damn headache! Why has this not been corrected by anyone?
|Thread starter||Similar threads||Forum||Replies||Date|
|U||OWASP ModSecurity Core Rule Set V3.0 notifications||Security||3|
|M||ModSecurity false-positive with ConfigServer cXs ModSecurity rule||Security||3|
|M||ModSecurity rules triggered but not blocking the attacker||Security||5|
|I||Block IP if triggered a critical modsecurity rule repeatedly||Security||2|
|F||ModSecurity: Rule processing failed||Security||3|