phpMyAdmin Delete Queries won't execute - "Access Denied: Security Token Failure"

mikelegg

Well-Known Member
Mar 29, 2005
330
3
166
Ever since the latest phpMyAdmin update (with the new pretty look) I can't execute DELETE queries via it.

I get an "Access Denied: Security Token Failure" error whichs asks me to enter my cPanel login details again.
When I re-enter my login details I get a 404 error.

I've tried Firefox 5.0 and IE 9.0.1 with the same results.
 

mikelegg

Well-Known Member
Mar 29, 2005
330
3
166
Gary from cPanel identified the problem in 5 minutes - Mod Security.

ModSecurity: Access denied with code 406 (phase 2). Pattern match "((alter|create|drop)[[:space:]]+(column|database|procedure|table)|delete[[:space:]]+from|update.+set.+=)" at ARGS:sql_query. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "354"] [id "300015"] [rev "1"] [msg "Generic SQL injection protection"] [severity "CRITICAL"] [hostname "domain.tld"] [uri "/cpsess940558260/3rdparty/phpMyAdmin/sql.php"] [unique_id "TkG-QXZYGEEAAGoBG4IAAAAA"]

There is an open bug report about mod security coming into contact with the apache backend on cPanel ports, causing issues like this.