modsecurity_http_policy.conf file location

[atlantis21]

Hello,

I have problem with WordPress:
Method Not Implemented POST to /wp-admin/post.php not supported.

So, I figured that mod security cause this problem.
And solution on wp forum is:

Modified one rule in the modsecurity_http_policy.conf file located @ /etc/httpd/modsecurity.d/modsecurity_crs_30_http_policy.conf

FROM:

SecRule REQUEST_HEADERS:Content-Type "!(?:^(?:application/x-www-form-urlencoded$|multipart/form-data;)|text/xml)"

TO:

SecRule REQUEST_HEADERS:Content-Type "!(?:^(?:application/x-www-form-urlencoded$|application/x-www-form-urlencoded; charset=UTF-8$|multipart/form-data;)|text/xml)"

But I cannot find location of modsecurity_http_policy.conf file.
Can anybody help me?

 

[HostingH]

Hello,

All modsecurity conf files are located under : /etc/httpd/conf dir. If its related with modsec, check apache logs there you can see it.
Or for testing purpose, disable modsecurity for that domain only.

Thanks,

 

[atlantis21]

I cant disable for domain. I have this error:

Rebuilding and restarting Apache:
Initial configuration generation failed with the following message:

[Tue Jan 28 16:25:37 2014] [crit] (EAI 9)Address family for hostname not supported: alloc_listener: failed to set up sockaddr for ::

Configuration problem detected on line 172 of file /usr/local/apache/conf/httpd.conf.work.NfYPwtyFanlFSwU7:	Listen setup failed

	--- /usr/local/apache/conf/httpd.conf.work.NfYPwtyFanlFSwU7 ---
	166# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
	167
	168
	169PidFile logs/httpd.pid
	170LockFile logs/accept.lock
	171Listen 0.0.0.0:80
	172 ===> Listen [::]:80 <===
	173User nobody
	174Group nobody
	175ExtendedStatus On
	176ServerAdmin [email protected]
	177ServerName server123.com
	178LogLevel warn
	--- /usr/local/apache/conf/httpd.conf.work.NfYPwtyFanlFSwU7 ---


Rebuilding configuration without any local modifications.

Failed to generate a syntactically correct Apache configuration.
Bad configuration file located at /usr/local/apache/conf/httpd.conf.work.NfYPwtyFanlFSwU7
Error:
[Tue Jan 28 16:25:38 2014] [crit] (EAI 9)Address family for hostname not supported: alloc_listener: failed to set up sockaddr for ::

Configuration problem detected on line 172 of file /usr/local/apache/conf/httpd.conf.work.NfYPwtyFanlFSwU7:	Listen setup failed

	--- /usr/local/apache/conf/httpd.conf.work.NfYPwtyFanlFSwU7 ---
	166# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
	167
	168
	169PidFile logs/httpd.pid
	170LockFile logs/accept.lock
	171Listen 0.0.0.0:80
	172 ===> Listen [::]:80 <===
	173User nobody
	174Group nobody
	175ExtendedStatus On
	176ServerAdmin [email protected]
	177ServerName server123.com
	178LogLevel warn
	--- /usr/local/apache/conf/httpd.conf.work.NfYPwtyFanlFSwU7 ---



...Done

 

[cPanelMichael]

You may want to install a Mod_Security management utility such as CSF Mod_Security Control to more easily manage the rules and modify them on individual accounts.

Thank you.

 

[atlantis21]

You may want to install a Mod_Security management utility such as CSF Mod_Security Control to more easily manage the rules and modify them on individual accounts.

Thank you.

I alredy have CSF Mod_Security Control, and that error is from there.

 

[cPanelMichael]

(EAI 9)Address family for hostname not supported: alloc_listener: failed to set up sockaddr

I have seen several instances where rebuilding Apache via EasyApache has resolved this issue. If that does not help, feel free to open a support ticket using the link in my signature so we can take a closer look. You can post the ticket number here so we can update this thread with the outcome.

Thank you.

 

[cPanelPeter]

Hello,

So you're stating that when you disable mod security for one domain that it fails to rebuild with the above error?
Have you contacted support for CMC (ConfigServer ModSecurity Control) or posted this on their forums yet?

Is Apache running at all right now?

 

[atlantis21]

I think there is problem with Apache. I will update apache later and report back.