
SSL Installation Error / Mod_Security tripping?

Discussion in 'Security' started by AbsoluteZero, Oct 15, 2009.

  1. AbsoluteZero

    Hi everyone,

    I've got a new server with a clean WHM installation and am getting a strange situation where I just can't get an SSL certificate on the server's root domain to install properly. I get the ubiquitous "ssl_error_rx_record_too_long" error when going to the server root (i.e. https://my.server.com) instead of the default "Great Success !" page.

    The usual fixes for this suggested in the many other threads about SSL errors (uninstalling / reinstalling / re-keying certificates, cleaning out old certs and keys, rebooting Apache) haven't helped. I've installed SSL on other servers with no issues (albeit without mod_security enabled) so I'm relatively comfortable I'm not terribly botching things up on that front.

    In looking into my Apache error logs I'm generating the following error:

    Code:
    [Thu Oct 15 13:35:55 2009] [error] [client xx.xx.xx.xx] ModSecurity: Access denied with code 501 (phase 2). Match of "rx ^((?:(?:POS|GE)T|OPTIONS|HEAD))$" against "REQUEST_METHOD" required. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "38"] [id "960032"] [msg "Method is not allowed by policy"] [severity "CRITICAL"] [tag "POLICY/METHOD_NOT_ALLOWED"] [hostname "xx.xx.xx"] [uri "/"] [unique_id "Stdri0xK@AsAADXPHYkAAAAB"]
    I'm not particularly strong on Mod_Security, but would this suggest a Mod_Security rule is triggering?

    Any suggestions - or help parsing the error would be very much appreciated as I've been beating my head on this for a couple of days now and I'm running out of permutations and combinations to Google!
     
  2. AbsoluteZero

    Just a quick addendum - I think this is a pure Mod_Security issue. Even with no SSL certificates on the system, trying to access the domain using https:// triggers the error.
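
Added example, not part of the original thread and not cPanel or ModSecurity code: a small Python parser for the error_log line quoted in the first post, showing that "Match of ... required" denotes a negated operator, so the rule fired because REQUEST_METHOD did not match the allowlist. The helper names are hypothetical and the test inputs, including the TLS-record bytes, are constructed for illustration.

```python
import re

# Log line quoted in the first post (client and hostname are redacted there).
SAMPLE = (
    '[Thu Oct 15 13:35:55 2009] [error] [client xx.xx.xx.xx] ModSecurity: '
    'Access denied with code 501 (phase 2). Match of '
    '"rx ^((?:(?:POS|GE)T|OPTIONS|HEAD))$" against "REQUEST_METHOD" required. '
    '[file "/usr/local/apache/conf/modsec2.user.conf"] [line "38"] '
    '[id "960032"] [msg "Method is not allowed by policy"] '
    '[severity "CRITICAL"] [tag "POLICY/METHOD_NOT_ALLOWED"] '
    '[hostname "xx.xx.xx"] [uri "/"] [unique_id "Stdri0xK@AsAADXPHYkAAAAB"]'
)

ACTION = re.compile(r'ModSecurity: (?P<action>.+?) with code (?P<status>\d+) '
                    r'\(phase (?P<phase>\d)\)\.')
# "Match of ... required" is how ModSecurity 2.x words a negated operator:
# the rule fired because the variable did NOT match the pattern.
NEGATED = re.compile(r'Match of "(?P<op>\w+) (?P<arg>.*?)" against '
                     r'"(?P<var>[^"]+)" required\.')
META = re.compile(r'\[(\w+) "((?:[^"\\]|\\.)*)"\]')


def parse_modsec_error(line):
    """Split one ModSecurity error_log line into its fields (hypothetical helper)."""
    action = ACTION.search(line)
    if action is None:
        raise ValueError("not a ModSecurity disruptive-action line")
    out = {"action": action["action"], "status": int(action["status"]),
           "phase": int(action["phase"]), "meta": {}}
    neg = NEGATED.search(line)
    out["negated"] = neg is not None
    if neg:
        out.update(operator=neg["op"], pattern=neg["arg"], variable=neg["var"])
    for key, value in META.findall(line):      # keys such as "tag" may repeat
        out["meta"].setdefault(key, []).append(value)
    return out


def method_allowed(parsed, method):
    """True if `method` satisfies the rule's allowlist regex (so no block)."""
    return re.search(parsed["pattern"], method) is not None


if __name__ == "__main__":
    p = parse_modsec_error(SAMPLE)
    print(p["meta"]["id"], p["meta"]["msg"], p["variable"], p["pattern"])
    # Constructed inputs: two HTTP methods and the first bytes of a TLS record.
    for m in ("GET", "PROPFIND", "\x16\x03\x01"):
        print(repr(m), "allowed" if method_allowed(p, m) else "blocked")
```

The fields that identify the rule to review are `file`, `line` and `id`; the `pattern` field is the method allowlist the request failed to match.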
     