Unblock IP from mod_security on Centos 6

Joe Strandberg

Registered
Jun 5, 2015
4
0
1
At work :(
cPanel Access Level
Root Administrator
I was trying to make a change in my Magento backend in the design section. It absolutely will not save anything, despite what it says. Everything else works, just not design.

I couldn't figure out why, but then I got an email saying mod_security blocked my IP. the url it gave for the block was of course the design page I was on. So, I'm thinking mod_security is the problem. I could be wrong though. I'm white listed in csf, but I'm not sure if that would matter.

I've been Googleing it for a while, but I can't find anything. If someone could tell me what to do, or at least point me in the right direction, I'd really appreciate it!

CENTOS 6.6 x86_64 standard
WHM 11.48.4 (build 4)
 

quizknows

Well-Known Member
Oct 20, 2009
1,008
87
78
cPanel Access Level
DataCenter Provider
ModSecurity doesn't actually block IPs, only requests (unless you have very advanced rules).

Most likely it's CSF that blocked it, which it will do if it sees repeated ModSecurity errors.

Sometimes being in csf.allow is not enough, you need to be in csf.ignore as well, and fully restart CSF/LFD (just restarting CSF does not restart LFD). I usually just run "csf -x ; csf -e" to fully disable / re-enable the services if I make changes to LFD.

Also, check your IP in the apache error log, you'll want to find the ModSecurity rule ID to whitelist.
 

Joe Strandberg

Registered
Jun 5, 2015
4
0
1
At work :(
cPanel Access Level
Root Administrator
ModSecurity doesn't actually block IPs, only requests (unless you have very advanced rules).

Most likely it's CSF that blocked it, which it will do if it sees repeated ModSecurity errors.

Sometimes being in csf.allow is not enough, you need to be in csf.ignore as well, and fully restart CSF/LFD (just restarting CSF does not restart LFD). I usually just run "csf -x ; csf -e" to fully disable / re-enable the services if I make changes to LFD.

Also, check your IP in the apache error log, you'll want to find the ModSecurity rule ID to whitelist.
I added myself to cfs.ignore restarted and still nothing. So, then I checked the logs. Here's what I got:

Unable to load dynamic library '/usr/local/lib/php/extensions/no-debug-non-zts-20100525/sqlite.so' - /usr/local/lib/php/extensions/no-debug-non-zts-20100525/sqlite.so: cannot open shared object file: No such file or directory in Unknown on line 0, referer:

Does that mean it has something to do with a missing extension or mysql? Because I did just recently enable
innodb_buffer_pool_size and assign it 2GB since I have 16GB of RAM.
 

quizknows

Well-Known Member
Oct 20, 2009
1,008
87
78
cPanel Access Level
DataCenter Provider
That's a PHP error, likely php.ini is calling an extension at the wrong path or the extension does not exist. Possible solutions:

Check your extension settings in /usr/local/lib/php.ini

Check for custom php.ini that may not have been updated since the last Easyapache run.

Run an easyapache to see if that corrects the extension paths, and make sure all PHP options you require are actually being compiled.
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,884
2,254
463
Unable to load dynamic library '/usr/local/lib/php/extensions/no-debug-non-zts-20100525/sqlite.so' - /usr/local/lib/php/extensions/no-debug-non-zts-20100525/sqlite.so: cannot open shared object file: No such file or directory in Unknown on line 0, referer:
Hello,

Yes, as mentioned, check to see if you have a custom php.ini file within the account. If so, move it out of the way so the account uses /usr/local/lib/php.ini. This will allow you to determine if the custom php.ini file is the cause of the problem.

Thank you.
 
Thread starter Similar threads Forum Replies Date
L Security 15
M Security 7
M Security 2
H Security 4
D Security 6