Security Policy Handling Failed

Operating System & Version
CentOS v7.9.2009
cPanel & WHM Version
cPanel & WHM v104.0.5 (STANDARD)

kurtc171

Registered
Jun 28, 2022
3
0
1
Philippines
cPanel Access Level
Root Administrator
I'm getting Security Policy Handling Failed. Please contact the system admin or check the error_log file. This error occurs when users login to webmail after entering the old and new password and clicking the "Change your password now!" button. see screenshot.

I've recently changed the settings on Home /Security Center /Configure Security Policies and enabled Password Strength.
I've tried restarting cpanel, but the problem still exist.

Error log:

Security Policy requires exec termination.
Cpanel::Exception::AdminBinError/(XID cenkqg) Parent check method: /usr/local/cpanel/cpanel,/usr/local/cpanel/uapi,/usr/local/cpanel/whostmgr/bin/xml-api,/usr/local/cpanel/libexec/queueprocd,/usr/local/cpanel/cpsrvd,/usr/local/cpanel/cpanel-email,/usr/local/cpanel/bas
e/resetpass.cgi, caller: /usr/local/cpanel/base/securitypolicy.cgi is not allowed
at /usr/local/cpanel/Cpanel/AdminBin/Call.pm line 218.
Cpanel::AdminBin::Call::_throw_error(HASH(0x2326940)) called at /usr/local/cpanel/Cpanel/AdminBin/Call.pm line 168
Cpanel::AdminBin::Call::_parse_cpwrapd_response(HASH(0x2326940)) called at /usr/local/cpanel/Cpanel/AdminBin/Call.pm line 92
Cpanel::AdminBin::Call::call("Cpanel", "mail", "CLEAR_AUTH_CACHE", "[email protected]") called at /usr/local/cpanel/Cpanel/Email/PasswdPop.pm line 77
Cpanel::Email::PasswdPop::passwd(__CPANEL_HIDDEN__, __CPANEL_HIDDEN__, __CPANEL_HIDDEN__, __CPANEL_HIDDEN__, __CPANEL_HIDDEN__, __CPANEL_HIDDEN__, __CPANEL_HIDDEN__, __CPANEL_HIDDEN__, ...) called at /usr/local/cpanel/Cpanel/Security/Policy/PasswordStrength/UI
/HTML.pm line 81
Cpanel::Security::Policy::PasswordStrength::UI::HTML::process(Cpanel::Security::Policy::PasswordStrength::UI::HTML=HASH(0x2315c50), HASH(0xb60c38), HASH(0x221a0c8), HASH(0x224e348)) called at /usr/local/cpanel/Cpanel/SecurityPolicy.pm line 130
Cpanel::SecurityPolicy::process_violated_policy(Cpanel::Security::Policy::PasswordStrength=HASH(0x224a8f8), HASH(0xb60c38), HASH(0x221a0c8), HASH(0x224e348), Cpanel::Logger=HASH(0x226c7b0)) called at base/securitypolicy.cgi.pl line 166
eval {...} called at base/securitypolicy.cgi.pl line 147
at base/securitypolicy.cgi.pl line 174.
[2022-07-13 10:40:02 +0800] warn [webmaild] The subprocess (securitypolicy) exited with an error (ID 941251550176279): The subprocess reported error number 255 when it ended. at /usr/local/cpanel/Cpanel/Server/Handlers/SubProcess.pm line 263.
Cpanel::Server::Handlers::SubProcess::_report_subprocess_errors(Cpanel::Server::Handlers::SubProcess=HASH(0x2545db0)) called at /usr/local/cpanel/Cpanel/Server/Handlers/SubProcess.pm line 110
Cpanel::Server::Handlers::SubProcess::handler(Cpanel::Server::Handlers::SubProcess=HASH(0x2545db0), "subprocess_name", "securitypolicy", "subprocess_pid_to_reap", 10882, "subprocess_read_handle", GLOB(0x2545ed0), "subprocess_write_handle", ...) called at cpsrv
d.pl line 7464
cpanel::cpsrvd::cgiHandler("app", "securitypolicy", "securitycontext", HASH(0x16c2f70), "document", "./") called at cpsrvd.pl line 2174
cpanel::cpsrvd::dodoc_securitypolicy(HASH(0x16c2f70)) called at cpsrvd.pl line 1709
cpanel::cpsrvd::handle_one_connection(12) called at cpsrvd.pl line 1137
cpanel::cpsrvd::script() called at cpsrvd.pl line 436
[2022-07-13 10:40:47 +0800] warn [securitypolicy] Cpanel::Wrap::send_cpwrapd_request error: namespace=[Cpanel] module=[mail] function=[CLEAR_AUTH_CACHE]: statusmsg=[Parent check method: /usr/local/cpanel/cpanel,/usr/local/cpanel/uapi,/usr/local/cpanel/whostmgr/bin/xml
-api,/usr/local/cpanel/libexec/queueprocd,/usr/local/cpanel/cpsrvd,/usr/local/cpanel/cpanel-email,/usr/local/cpanel/base/resetpass.cgi, caller: /usr/local/cpanel/base/securitypolicy.cgi is not allowed] at /usr/local/cpanel/Cpanel/Wrap.pm line 133, <$socket> line 1.
Cpanel::Wrap::send_cpwrapd_request("action", "fetch", "env", HASH(0x1f62d60), "module", "mail", "namespace", "Cpanel", ...) called at /usr/local/cpanel/Cpanel/Wrap.pm line 65
Cpanel::Wrap::send_cpwrapd_request_no_cperror("namespace", "Cpanel", "module", "mail", "function", "CLEAR_AUTH_CACHE", "data", ARRAY(0x1f633d8), ...) called at /usr/local/cpanel/Cpanel/AdminBin/Call.pm line 147
Cpanel::AdminBin::Call::_call_wrap(undef, "Cpanel", "mail", "CLEAR_AUTH_CACHE", "[email protected]") called at /usr/local/cpanel/Cpanel/AdminBin/Call.pm line 87
Cpanel::AdminBin::Call::call("Cpanel", "mail", "CLEAR_AUTH_CACHE", "[email protected]") called at /usr/local/cpanel/Cpanel/Email/PasswdPop.pm line 77
Cpanel::Email::PasswdPop::passwd(__CPANEL_HIDDEN__, __CPANEL_HIDDEN__, __CPANEL_HIDDEN__, __CPANEL_HIDDEN__, __CPANEL_HIDDEN__, __CPANEL_HIDDEN__, __CPANEL_HIDDEN__, __CPANEL_HIDDEN__, ...) called at /usr/local/cpanel/Cpanel/Security/Policy/PasswordStrength/UI
/HTML.pm line 81
Cpanel::Security::Policy::PasswordStrength::UI::HTML::process(Cpanel::Security::Policy::PasswordStrength::UI::HTML=HASH(0x1d255c0), HASH(0xb60c38), HASH(0x1c34098), HASH(0x1c68200)) called at /usr/local/cpanel/Cpanel/SecurityPolicy.pm line 130
Cpanel::SecurityPolicy::process_violated_policy(Cpanel::Security::Policy::PasswordStrength=HASH(0x1c647b0), HASH(0xb60c38), HASH(0x1c34098), HASH(0x1c68200), Cpanel::Logger=HASH(0x1c86618)) called at base/securitypolicy.cgi.pl line 166
eval {...} called at base/securitypolicy.cgi.pl line 147
 

Attachments

Last edited by a moderator:

cPRex

Jurassic Moderator
Staff member
Oct 19, 2014
12,499
1,971
363
cPanel Access Level
Root Administrator
Hey there! Can you confirm your server is running cPanel version 104? I haven't seen one of these pop up for a while, but we had an older case from 2020 (CPANEL-31536) that didn't get directly fixed as it was superseded by other work.

If this is happening in version 104, can you open a ticket with our support team and reference that case number so we can take a look?