Applicable to:
- Plesk for Linux
Symptoms
-
ModSecurity blocks access to the file with the following errors in
/var/log/modsecurity_audit.log
:CONFIG_TEXT: Message: collections_remove_stale: Failed to access DBM file "/var/cache/modsecurity/apache-global": Permission denied
Message: collections_remove_stale: Failed to access DBM file "/var/cache/modsecurity/apache-ip": Permission denied -
Content of the directory as follows:
# ls -la /var/cache/modsecurity/
drwxr-x--- 2 root root 4096 May 4 15:12 .
drwx------ 10 root root 4096 Apr 15 10:52 ...
Or entire directory is missing:# ls -la /var/cache/modsecurity/
ls: cannot access /var/cache/modsecurity/: No such file or directory
Cause
Corrupted ModSecurity cache.
Resolution
-
Login server via SSH
- Re-create directory if missing and set up proper permissions/ownership:
# mkdir /var/cache/modsecurity/
# chmod 750 /var/cache/modsecurity/
# chown apache:root /var/cache/modsecurity/
-
Fix permissions and re-create files:
# chown apache:root /var/cache/modsecurity/./
# chmod 755 /var/cache/modsecurity/../
# cd /var/cache/modsecurity/
# touch apache-global.dir && chown apache:apache apache-global.dir && chmod 640 apache-global.dir
# touch apache-global.pag && chown apache:apache apache-global.pag && chmod 640 apache-global.pag
# touch apache-ip.dir && chown apache:apache apache-ip.dir && chmod 640 apache-ip.dir
# touch apache-ip.pag && chown apache:apache apache-ip.pag && chmod 640 apache-ip.pag
- (Additional step incase SELinux is in use)
# chcon -R -t httpd_cache_t /var/cache/modsecurity
Comments
1 comment
Hi, I've confirmed that all the DBM files are correctly created and have the right permissions. However I still have an error in the logs regarding access to those files. I've disabled modsecurity. I'm running Plesk Obsidian Version 18.0.34 on CentOS 8.
Please sign in to leave a comment.