Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

SSL Installation Error / Mod_Security tripping?

Discussion in 'Security' started by AbsoluteZero, Oct 15, 2009.

  1. AbsoluteZero

    AbsoluteZero Member

    Joined:
    Nov 20, 2003
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    151
    Hi everyone,

    I've got a new server with a clean WHM installation and am getting a strange situation where I just can't get a SSL certificate on the server's root domain to install properly. I get the ubiquitious "ssl_error_rx_record_too_long" error when going to the server root (ie: https://my.server.com) instead of the default "Great Success !" page.

    The usual fixes for this suggested in the many other threads about SSL errors (uninstalling / reinstalling / re-keying certificates, cleaning out old certs and keys, rebooting apache) haven't helped. I've installed SSL on other servers with no issues (albeit without mod_security enabled) so I'm relatively comfortable I'm not terribly botching things up on that front.

    In looking into my Apache error logs I'm generating the following error:

    Code:
    [Thu Oct 15 13:35:55 2009] [error] [client xx.xx.xx.xx] ModSecurity: Access denied with code 501 (phase 2). Match of "rx ^((?:(?:POS|GE)T|OPTIONS|HEAD))$" against "REQUEST_METHOD" required. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "38"] [id "960032"] [msg "Method is not allowed by policy"] [severity "CRITICAL"] [tag "POLICY/METHOD_NOT_ALLOWED"] [hostname "xx.xx.xx"] [uri "/"] [unique_id "Stdri0xK@AsAADXPHYkAAAAB"]
    I'm not particularly strong on Mod_Security, but would this suggest a Mod_Security rule is triggering?

    Any suggestions - or help parsing the error would be very much appreciated as I've been beating my head on this for a couple of days now and I'm running out of permutations and combinations to Google!
     
  2. AbsoluteZero

    AbsoluteZero Member

    Joined:
    Nov 20, 2003
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    151
    Just a quick addendum - I think this is a pure Mod_Security issue. Even with no SSL certificates on the system, trying to access the domain using https:// triggers the error.
     
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice