PHP Handler set to none after update

robertjw

Member
Oct 18, 2013
14
0
1
cPanel Access Level
Root Administrator
Server is running
CENTOS 6.8 x86_64 WHM 62.0 (build 15)

Last night a cpanel update was logged in /var/cpanel/updatelogs. After this update completed the server crashed.

All PHP Handlers were changed from suphp to none

Any thoughts on why this would have happened?
 

robertjw

Member
Oct 18, 2013
14
0
1
cPanel Access Level
Root Administrator
Yikes! That's a pretty nasty bug. I've not seen anything like this reported. Any chance you could throw in a ticket so we can take a look and see what happened?
I can, but would that require access? I don't think the company this is for will allow external access for legal reasons.
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,904
2,218
463
Hello @robertjw,

Yes, it would require access to the affected system to take a closer look at what happened.

Does this system use any custom applications such as Nginx? Do you notice any error messages when browsing through the log file associated with this update in the /var/cpanel/updatelogs/ directory?

Thank you.
 

robertjw

Member
Oct 18, 2013
14
0
1
cPanel Access Level
Root Administrator
No, no Nginx or anything custom that I know of.

There are errors related to ModSecurity. I was attempting to run ModSecurity, but had trouble with the default modsec config vile locations. I thought I had it fixed, but the cpanel update must have created a duplicate config file resulting in some errors. We had several messages like this:
Code:
[2017-02-22 00:05:52 -0700]      [27621] ModSecurity: Found another rule with the same id
[2017-02-22 00:05:52 -0700]      [27621] AH00526: Syntax error on line 22 of /etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/00_Init_Initialization.conf:
[2017-02-22 00:05:52 -0700]      [27621] ModSecurity: Found another rule with the same id
[2017-02-22 00:05:52 -0700]      [27621] Can't use string ("Unable to detect Apache version "...) as a HASH ref while "strict refs" in use at /usr/local/cpanel/Cpanel/AdvConfig.pm line 68.
We had to disable ModSecurity to get Apache back up.

Only other error messages that aren't like those are these:
Code:
[2017-02-22 00:06:40 -0700]      [27621] (XID c9sb3e) The system failed to set the user ID to “501” and the group ID to “99” on “/home/npl/public_html/addons_sub/form” because of an error: Operation not permitted at /usr/local/cpanel/scripts/enablefileprotect line 101.
[2017-02-22 00:06:40 -0700]      [27621] (XID 7rqw6e) The system failed to set the permissions on “/home/npl/public_html/addons_sub/form” to “0750” (as EUID: 501, EGID: 99 99) because of the following error: Operation not permitted at /usr/local/cpanel/scripts/enablefileprotect line 101.
I wouldn't think any of these would change the PHP Handlers.
 
Last edited by a moderator:

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,904
2,218
463
Hello @robertjw,

We'd need access to an affected system in order to determine what might have happened. Feel free to open a support ticket if you'd like us to take a closer look.

Thank you.