Web pages are error messages 500 & 403 and some work!?

Discussion in 'General' started by -IFFI_, Aug 10, 2013.

  1. -IFFI_

    -IFFI_ New Member

    Hi all,

    Sorry my bad english, i use google translator to write englant.

    I have a big big problem and I can do nothing more to understand what is happening on the server. Before some of the technical details;

    Server distro: Debian 7 wheezy, 64bit. Software: Apache/2.2.0, MySQL 5.5.31, PHP 5.4, ISPconfig-3

    The issues are:

    go to the http://iffimusic.info website and see error 403 Forbidden sometimes 500 Internal Server Error

    If go to http://hosting-networks.com/ It works when there is a index.HTML if i change index.PHP then see error 403 Forbidden.

    If go to https://hosting-networks.com:8080/webmail/ roundcube works nice. However, if the switch https://hosting-networks.com:8080/ see 500 Internal Server Error

    /var/log/apache2/error.log
    Code:
    [Sat Aug 10 16:51:01 2013] [error] [client 5.135.178.42] ModSecurity: Access denied with code 403 (phase 2). Match of "rx ^apache.*perl" against "REQUEST_HEADERS:User-Agent" required. [file "/etc/apache2/modsecurity-core-rules/modsecurity_crs_35_bad_robots.conf"] [line "29"] [id "990011"] [msg "Request Indicates an automated program explored the site"] [severity "NOTICE"] [tag "AUTOMATION/MISC"] [hostname "media.replikizle.com"] [uri "/bilgi_tamamla.php"] [unique_id "UgZFRbAf8OEAAE82QawAAAAL"]
    suexec policy violation: see suexec log for more details
    [Sat Aug 10 16:51:28 2013] [warn] [client 90.191.86.8] (104)Connection reset by peer: mod_fcgid: error reading data from FastCGI server
    [Sat Aug 10 16:51:28 2013] [error] [client 90.191.86.8] Premature end of script headers: index.php
    [Sat Aug 10 16:52:01 2013] [error] [client 5.135.178.42] ModSecurity: Rule 7fa7afbd4f48 [id "950901"][file "/etc/modsecurity/modsecurity_crs_41_sql_injection_attacks.conf"][line "77"] - Execution error - PCRE limits exceeded (-8): (null). [hostname "media.replikizle.com"] [uri "/bilgi_tamamla.php"] [unique_id "UgZFgbAf8OEAAHajrKgAAAAG"]
    [Sat Aug 10 16:52:01 2013] [error] [client 5.135.178.42] ModSecurity: Access denied with code 403 (phase 2). Match of "rx ^apache.*perl" against "REQUEST_HEADERS:User-Agent" required. [file "/etc/apache2/modsecurity-core-rules/modsecurity_crs_35_bad_robots.conf"] [line "29"] [id "990011"] [msg "Request Indicates an automated program explored the site"] [severity "NOTICE"] [tag "AUTOMATION/MISC"] [hostname "media.replikizle.com"] [uri "/bilgi_tamamla.php"] [unique_id "UgZFgbAf8OEAAHajrKgAAAAG"]
    [Sat Aug 10 16:53:01 2013] [error] [client 5.135.178.42] ModSecurity: Rule 7fa7afbd4f48 [id "950901"][file "/etc/modsecurity/modsecurity_crs_41_sql_injection_attacks.conf"][line "77"] - Execution error - PCRE limits exceeded (-8): (null). [hostname "media.replikizle.com"] [uri "/bilgi_tamamla.php"] [unique_id "UgZFvbAf8OEAAE@tYUgAAAAE"]
    [Sat Aug 10 16:53:01 2013] [error] [client 5.135.178.42] ModSecurity: Access denied with code 403 (phase 2). Match of "rx ^apache.*perl" against "REQUEST_HEADERS:User-Agent" required. [file "/etc/apache2/modsecurity-core-rules/modsecurity_crs_35_bad_robots.conf"] [line "29"] [id "990011"] [msg "Request Indicates an automated program explored the site"] [severity "NOTICE"] [tag "AUTOMATION/MISC"] [hostname "media.replikizle.com"] [uri "/bilgi_tamamla.php"] [unique_id "UgZFvbAf8OEAAE@tYUgAAAAE"]
    [Sat Aug 10 16:53:50 2013] [error] [client 90.191.86.8] client denied by server configuration: /var/www/
    [Sat Aug 10 16:53:50 2013] [error] [client 90.191.86.8] ModSecurity: Could not set variable "session.ip_hash" as the collection does not exist. [hostname "hosting-networks.com"] [uri "/"] [unique_id "UgZF7rAf8OEAAE82Qa0AAAAL"]
    [Sat Aug 10 16:53:50 2013] [error] [client 90.191.86.8] ModSecurity: Could not set variable "global.missing_secure" as the collection does not exist. [hostname "hosting-networks.com"] [uri "/"] [unique_id "UgZF7rAf8OEAAE82Qa0AAAAL"]
    [Sat Aug 10 16:53:50 2013] [error] [client 90.191.86.8] ModSecurity: Could not set variable "global.missing_charset" as the collection does not exist. [hostname "hosting-networks.com"] [uri "/"] [unique_id "UgZF7rAf8OEAAE82Qa0AAAAL"]
    [Sat Aug 10 16:53:50 2013] [error] [client 90.191.86.8] ModSecurity: Could not set variable "global.charset_not_utf8" as the collection does not exist. [hostname "hosting-networks.com"] [uri "/"] [unique_id "UgZF7rAf8OEAAE82Qa0AAAAL"]
    [Sat Aug 10 16:53:50 2013] [error] [client 90.191.86.8] ModSecurity: Could not set variable "global.charset_mismatch" as the collection does not exist. [hostname "hosting-networks.com"] [uri "/"] [unique_id "UgZF7rAf8OEAAE82Qa0AAAAL"]
    [Sat Aug 10 16:53:50 2013] [error] [client 90.191.86.8] ModSecurity: Could not set variable "global.loose_domain_scope" as the collection does not exist. [hostname "hosting-networks.com"] [uri "/"] [unique_id "UgZF7rAf8OEAAE82Qa0AAAAL"]
    [Sat Aug 10 16:53:50 2013] [error] [client 90.191.86.8] ModSecurity: Could not set variable "global.missing_httponly" as the collection does not exist. [hostname "hosting-networks.com"] [uri "/"] [unique_id "UgZF7rAf8OEAAE82Qa0AAAAL"]
    [Sat Aug 10 16:53:50 2013] [error] [client 90.191.86.8] ModSecurity: Could not set variable "global.check_cache_control" as the collection does not exist. [hostname "hosting-networks.com"] [uri "/"] [unique_id "UgZF7rAf8OEAAE82Qa0AAAAL"]
    [Sat Aug 10 16:53:50 2013] [error] [client 90.191.86.8] ModSecurity: Could not set variable "global.content_type_header_exists" as the collection does not exist. [hostname "hosting-networks.com"] [uri "/"] [unique_id "UgZF7rAf8OEAAE82Qa0AAAAL"]
    [Sat Aug 10 16:53:50 2013] [error] [client 90.191.86.8] ModSecurity: Could not set variable "global.x_xss_protection_disabled" as the collection does not exist. [hostname "hosting-networks.com"] [uri "/"] [unique_id "UgZF7rAf8OEAAE82Qa0AAAAL"]
    [Sat Aug 10 16:53:50 2013] [error] [client 90.191.86.8] ModSecurity: Could not set variable "global.x_frame_options" as the collection does not exist. [hostname "hosting-networks.com"] [uri "/"] [unique_id "UgZF7rAf8OEAAE82Qa0AAAAL"]
    [Sat Aug 10 16:53:50 2013] [error] [client 90.191.86.8] ModSecurity: Could not set variable "global.x_content_type_options" as the collection does not exist. [hostname "hosting-networks.com"] [uri "/"] [unique_id "UgZF7rAf8OEAAE82Qa0AAAAL"]
    [Sat Aug 10 16:54:01 2013] [error] [client 5.135.178.42] ModSecurity: Rule 7fa7afbd4f48 [id "950901"][file "/etc/modsecurity/modsecurity_crs_41_sql_injection_attacks.conf"][line "77"] - Execution error - PCRE limits exceeded (-8): (null). [hostname "media.replikizle.com"] [uri "/bilgi_tamamla.php"] [unique_id "UgZF@bAf8OEAAFAsjc0AAAAA"]
    [Sat Aug 10 16:54:01 2013] [error] [client 5.135.178.42] ModSecurity: Access denied with code 403 (phase 2). Match of "rx ^apache.*perl" against "REQUEST_HEADERS:User-Agent" required. [file "/etc/apache2/modsecurity-core-rules/modsecurity_crs_35_bad_robots.conf"] [line "29"] [id "990011"] [msg "Request Indicates an automated program explored the site"] [severity "NOTICE"] [tag "AUTOMATION/MISC"] [hostname "media.replikizle.com"] [uri "/bilgi_tamamla.php"] [unique_id "UgZF@bAf8OEAAFAsjc0AAAAA"]
    [Sat Aug 10 16:55:01 2013] [error] [client 127.0.0.1] SoftException in Application.cpp:350: UID of script "/var/www/index.php" is smaller than min_uid
    [Sat Aug 10 16:55:01 2013] [error] [client 127.0.0.1] Premature end of script headers: index.php
    [Sat Aug 10 16:55:01 2013] [error] [client 127.0.0.1] ModSecurity: Could not set variable "session.ip_hash" as the collection does not exist. [hostname "localhost"] [uri "/index.php"] [unique_id "UgZGNbAf8OEAAG5nIgIAAAAH"]
    [Sat Aug 10 16:55:01 2013] [error] [client 127.0.0.1] ModSecurity: Could not set variable "session.ua_hash" as the collection does not exist. [hostname "localhost"] [uri "/index.php"] [unique_id "UgZGNbAf8OEAAG5nIgIAAAAH"]
    [Sat Aug 10 16:55:01 2013] [error] [client 127.0.0.1] ModSecurity: Access denied with code 403 (phase 4). Pattern match "^5\\\\d{2}$" at RESPONSE_STATUS. [file "/etc/modsecurity/modsecurity_crs_50_outbound.conf"] [line "53"] [id "970901"] [rev "2.2.5"] [msg "The application is not available"] [severity "ERROR"] [tag "WASCTC/WASC-13"] [tag "OWASP_TOP_10/A6"] [tag "PCI/6.5.6"] [hostname "localhost"] [uri "/index.php"] [unique_id "UgZGNbAf8OEAAG5nIgIAAAAH"]
    [Sat Aug 10 16:55:01 2013] [error] [client 127.0.0.1] ModSecurity: Warning. Operator GE matched 4 at TX:outbound_anomaly_score. [file "/etc/modsecurity/modsecurity_crs_60_correlation.conf"] [line "40"] [id "981205"] [msg "Outbound Anomaly Score Exceeded (score 4): The application is not available"] [hostname "localhost"] [uri "/index.php"] [unique_id "UgZGNbAf8OEAAG5nIgIAAAAH"]
    [Sat Aug 10 16:55:01 2013] [error] [client 5.135.178.42] ModSecurity: Rule 7fa7afbd4f48 [id "950901"][file "/etc/modsecurity/modsecurity_crs_41_sql_injection_attacks.conf"][line "77"] - Execution error - PCRE limits exceeded (-8): (null). [hostname "media.replikizle.com"] [uri "/bilgi_tamamla.php"] [unique_id "UgZGNbAf8OEAAHajrKkAAAAG"]
    [Sat Aug 10 16:55:01 2013] [error] [client 5.135.178.42] ModSecurity: Access denied with code 403 (phase 2). Match of "rx ^apache.*perl" against "REQUEST_HEADERS:User-Agent" required. [file "/etc/apache2/modsecurity-core-rules/modsecurity_crs_35_bad_robots.conf"] [line "29"] [id "990011"] [msg "Request Indicates an automated program explored the site"] [severity "NOTICE"] [tag "AUTOMATION/MISC"] [hostname "media.replikizle.com"] [uri "/bilgi_tamamla.php"] [unique_id "UgZGNbAf8OEAAHajrKkAAAAG"]
    [Sat Aug 10 16:55:02 2013] [error] [client 127.0.0.1] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_HEADERS. [file "/etc/modsecurity/modsecurity_crs_21_protocol_anomalies.conf"] [line "47"] [id "960015"] [rev "2.2.5"] [msg "Request Missing an Accept Header"] [severity "CRITICAL"] [tag "PROTOCOL_VIOLATION/MISSING_HEADER_ACCEPT"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "127.0.0.1"] [uri "/server-status"] [unique_id "UgZGNrAf8OEAAE@tYUkAAAAE"]
    [Sat Aug 10 16:55:07 2013] [error] [client 127.0.0.1] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_HEADERS. [file "/etc/modsecurity/modsecurity_crs_21_protocol_anomalies.conf"] [line "47"] [id "960015"] [rev "2.2.5"] [msg "Request Missing an Accept Header"] [severity "CRITICAL"] [tag "PROTOCOL_VIOLATION/MISSING_HEADER_ACCEPT"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "127.0.0.1"] [uri "/server-status"] [unique_id "UgZGO7Af8OEAAE82Qa4AAAAL"]
    [Sat Aug 10 16:55:07 2013] [error] [client 127.0.0.1] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_HEADERS. [file "/etc/modsecurity/modsecurity_crs_21_protocol_anomalies.conf"] [line "47"] [id "960015"] [rev "2.2.5"] [msg "Request Missing an Accept Header"] [severity "CRITICAL"] [tag "PROTOCOL_VIOLATION/MISSING_HEADER_ACCEPT"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "127.0.0.1"] [uri "/server-status"] [unique_id "UgZGO7Af8OEAAFAsjc4AAAAA"]
    /var/www/clients/client4/web4/log/error.log
    Code:
    [Sat Aug 10 16:45:07 2013] [error] [client 90.191.86.8] ModSecurity: Could not set variable "global.loose_domain_scope" as the collection does not exist. [hostname "iffimusic.info"] [uri "/"] [unique_id "UgZD47Af8OEAAE@tYUQAAAAE"]
    [Sat Aug 10 16:45:07 2013] [error] [client 90.191.86.8] ModSecurity: Could not set variable "global.missing_httponly" as the collection does not exist. [hostname "iffimusic.info"] [uri "/"] [unique_id "UgZD47Af8OEAAE@tYUQAAAAE"]
    [Sat Aug 10 16:45:07 2013] [error] [client 90.191.86.8] ModSecurity: Could not set variable "global.check_cache_control" as the collection does not exist. [hostname "iffimusic.info"] [uri "/"] [unique_id "UgZD47Af8OEAAE@tYUQAAAAE"]
    [Sat Aug 10 16:45:07 2013] [error] [client 90.191.86.8] ModSecurity: Could not set variable "global.content_type_header_exists" as the collection does not exist. [hostname "iffimusic.info"] [uri "/"] [unique_id "UgZD47Af8OEAAE@tYUQAAAAE"]
    [Sat Aug 10 16:45:07 2013] [error] [client 90.191.86.8] ModSecurity: Could not set variable "global.x_xss_protection_disabled" as the collection does not exist. [hostname "iffimusic.info"] [uri "/"] [unique_id "UgZD47Af8OEAAE@tYUQAAAAE"]
    [Sat Aug 10 16:45:07 2013] [error] [client 90.191.86.8] ModSecurity: Could not set variable "global.x_frame_options" as the collection does not exist. [hostname "iffimusic.info"] [uri "/"] [unique_id "UgZD47Af8OEAAE@tYUQAAAAE"]
    [Sat Aug 10 16:45:07 2013] [error] [client 90.191.86.8] ModSecurity: Could not set variable "global.x_content_type_options" as the collection does not exist. [hostname "iffimusic.info"] [uri "/"] [unique_id "UgZD47Af8OEAAE@tYUQAAAAE"]
    [Sat Aug 10 16:45:14 2013] [crit] [client 90.191.86.8] (13)Permission denied: /var/www/iffimusic.info/web/.htaccess pcfg_openfile: unable to check htaccess file, ensure it is readable
    [Sat Aug 10 16:45:14 2013] [crit] [client 90.191.86.8] (13)Permission denied: /var/www/iffimusic.info/web/.htaccess pcfg_openfile: unable to check htaccess file, ensure it is readable
    [Sat Aug 10 16:45:14 2013] [error] [client 90.191.86.8] ModSecurity: Could not set variable "session.ip_hash" as the collection does not exist. [hostname "iffimusic.info"] [uri "/"] [unique_id "UgZD6rAf8OEAAG5mIaAAAAAF"]
    [Sat Aug 10 16:45:14 2013] [error] [client 90.191.86.8] ModSecurity: Could not set variable "session.ua_hash" as the collection does not exist. [hostname "iffimusic.info"] [uri "/"] [unique_id "UgZD6rAf8OEAAG5mIaAAAAAF"]
    [Sat Aug 10 16:45:14 2013] [error] [client 90.191.86.8] ModSecurity: Could not set variable "global.missing_secure" as the collection does not exist. [hostname "iffimusic.info"] [uri "/"] [unique_id "UgZD6rAf8OEAAG5mIaAAAAAF"]
    [Sat Aug 10 16:45:14 2013] [error] [client 90.191.86.8] ModSecurity: Could not set variable "global.missing_charset" as the collection does not exist. [hostname "iffimusic.info"] [uri "/"] [unique_id "UgZD6rAf8OEAAG5mIaAAAAAF"]
    [Sat Aug 10 16:45:14 2013] [error] [client 90.191.86.8] ModSecurity: Could not set variable "global.charset_not_utf8" as the collection does not exist. [hostname "iffimusic.info"] [uri "/"] [unique_id "UgZD6rAf8OEAAG5mIaAAAAAF"]
    [Sat Aug 10 16:45:14 2013] [error] [client 90.191.86.8] ModSecurity: Could not set variable "global.charset_mismatch" as the collection does not exist. [hostname "iffimusic.info"] [uri "/"] [unique_id "UgZD6rAf8OEAAG5mIaAAAAAF"]
    [Sat Aug 10 16:45:14 2013] [error] [client 90.191.86.8] ModSecurity: Could not set variable "global.loose_domain_scope" as the collection does not exist. [hostname "iffimusic.info"] [uri "/"] [unique_id "UgZD6rAf8OEAAG5mIaAAAAAF"]
    [Sat Aug 10 16:45:14 2013] [error] [client 90.191.86.8] ModSecurity: Could not set variable "global.missing_httponly" as the collection does not exist. [hostname "iffimusic.info"] [uri "/"] [unique_id "UgZD6rAf8OEAAG5mIaAAAAAF"]
    [Sat Aug 10 16:45:14 2013] [error] [client 90.191.86.8] ModSecurity: Could not set variable "global.check_cache_control" as the collection does not exist. [hostname "iffimusic.info"] [uri "/"] [unique_id "UgZD6rAf8OEAAG5mIaAAAAAF"]
    [Sat Aug 10 16:45:14 2013] [error] [client 90.191.86.8] ModSecurity: Could not set variable "global.content_type_header_exists" as the collection does not exist. [hostname "iffimusic.info"] [uri "/"] [unique_id "UgZD6rAf8OEAAG5mIaAAAAAF"]
    [Sat Aug 10 16:45:14 2013] [error] [client 90.191.86.8] ModSecurity: Could not set variable "global.x_xss_protection_disabled" as the collection does not exist. [hostname "iffimusic.info"] [uri "/"] [unique_id "UgZD6rAf8OEAAG5mIaAAAAAF"]
    [Sat Aug 10 16:45:14 2013] [error] [client 90.191.86.8] ModSecurity: Could not set variable "global.x_frame_options" as the collection does not exist. [hostname "iffimusic.info"] [uri "/"] [unique_id "UgZD6rAf8OEAAG5mIaAAAAAF"]
    [Sat Aug 10 16:45:14 2013] [error] [client 90.191.86.8] ModSecurity: Could not set variable "global.x_content_type_options" as the collection does not exist. [hostname "iffimusic.info"] [uri "/"] [unique_id "UgZD6rAf8OEAAG5mIaAAAAAF"]
    [Sat Aug 10 16:51:10 2013] [crit] [client 66.249.72.139] (13)Permission denied: /var/www/iffimusic.info/web/.htaccess pcfg_openfile: unable to check htaccess file, ensure it is readable
    [Sat Aug 10 16:51:10 2013] [crit] [client 66.249.72.139] (13)Permission denied: /var/www/iffimusic.info/web/.htaccess pcfg_openfile: unable to check htaccess file, ensure it is readable
    [Sat Aug 10 16:51:10 2013] [error] [client 66.249.72.139] ModSecurity: Could not set variable "session.ip_hash" as the collection does not exist. [hostname "iffimusic.info"] [uri "/cdn-cgi/nexp/abv=2908400176/"] [unique_id "UgZFTrAf8OEAAFAsjcwAAAAA"]
    [Sat Aug 10 16:51:10 2013] [error] [client 66.249.72.139] ModSecurity: Could not set variable "session.ua_hash" as the collection does not exist. [hostname "iffimusic.info"] [uri "/cdn-cgi/nexp/abv=2908400176/"] [unique_id "UgZFTrAf8OEAAFAsjcwAAAAA"]
    [Sat Aug 10 16:51:10 2013] [error] [client 66.249.72.139] ModSecurity: Could not set variable "global.missing_secure" as the collection does not exist. [hostname "iffimusic.info"] [uri "/cdn-cgi/nexp/abv=2908400176/"] [unique_id "UgZFTrAf8OEAAFAsjcwAAAAA"]
    [Sat Aug 10 16:51:10 2013] [error] [client 66.249.72.139] ModSecurity: Could not set variable "global.missing_charset" as the collection does not exist. [hostname "iffimusic.info"] [uri "/cdn-cgi/nexp/abv=2908400176/"] [unique_id "UgZFTrAf8OEAAFAsjcwAAAAA"]
    [Sat Aug 10 16:51:10 2013] [error] [client 66.249.72.139] ModSecurity: Could not set variable "global.charset_not_utf8" as the collection does not exist. [hostname "iffimusic.info"] [uri "/cdn-cgi/nexp/abv=2908400176/"] [unique_id "UgZFTrAf8OEAAFAsjcwAAAAA"]
    [Sat Aug 10 16:51:10 2013] [error] [client 66.249.72.139] ModSecurity: Could not set variable "global.charset_mismatch" as the collection does not exist. [hostname "iffimusic.info"] [uri "/cdn-cgi/nexp/abv=2908400176/"] [unique_id "UgZFTrAf8OEAAFAsjcwAAAAA"]
    [Sat Aug 10 16:51:10 2013] [error] [client 66.249.72.139] ModSecurity: Could not set variable "global.loose_domain_scope" as the collection does not exist. [hostname "iffimusic.info"] [uri "/cdn-cgi/nexp/abv=2908400176/"] [unique_id "UgZFTrAf8OEAAFAsjcwAAAAA"]
    [Sat Aug 10 16:51:10 2013] [error] [client 66.249.72.139] ModSecurity: Could not set variable "global.missing_httponly" as the collection does not exist. [hostname "iffimusic.info"] [uri "/cdn-cgi/nexp/abv=2908400176/"] [unique_id "UgZFTrAf8OEAAFAsjcwAAAAA"]
    [Sat Aug 10 16:51:10 2013] [error] [client 66.249.72.139] ModSecurity: Could not set variable "global.check_cache_control" as the collection does not exist. [hostname "iffimusic.info"] [uri "/cdn-cgi/nexp/abv=2908400176/"] [unique_id "UgZFTrAf8OEAAFAsjcwAAAAA"]
    [Sat Aug 10 16:51:10 2013] [error] [client 66.249.72.139] ModSecurity: Could not set variable "global.content_type_header_exists" as the collection does not exist. [hostname "iffimusic.info"] [uri "/cdn-cgi/nexp/abv=2908400176/"] [unique_id "UgZFTrAf8OEAAFAsjcwAAAAA"]
    [Sat Aug 10 16:51:10 2013] [error] [client 66.249.72.139] ModSecurity: Could not set variable "global.x_xss_protection_disabled" as the collection does not exist. [hostname "iffimusic.info"] [uri "/cdn-cgi/nexp/abv=2908400176/"] [unique_id "UgZFTrAf8OEAAFAsjcwAAAAA"]
    [Sat Aug 10 16:51:10 2013] [error] [client 66.249.72.139] ModSecurity: Could not set variable "global.x_frame_options" as the collection does not exist. [hostname "iffimusic.info"] [uri "/cdn-cgi/nexp/abv=2908400176/"] [unique_id "UgZFTrAf8OEAAFAsjcwAAAAA"]
    [Sat Aug 10 16:51:10 2013] [error] [client 66.249.72.139] ModSecurity: Could not set variable "global.x_content_type_options" as the collection does not exist. [hostname "iffimusic.info"] [uri "/cdn-cgi/nexp/abv=2908400176/"] [unique_id "UgZFTrAf8OEAAFAsjcwAAAAA"]
    [Sat Aug 10 16:52:55 2013] [crit] [client 90.191.86.8] (13)Permission denied: /var/www/iffimusic.info/web/.htaccess pcfg_openfile: unable to check htaccess file, ensure it is readable
    [Sat Aug 10 16:52:55 2013] [crit] [client 90.191.86.8] (13)Permission denied: /var/www/iffimusic.info/web/.htaccess pcfg_openfile: unable to check htaccess file, ensure it is readable
    [Sat Aug 10 16:52:55 2013] [error] [client 90.191.86.8] ModSecurity: Could not set variable "session.ip_hash" as the collection does not exist. [hostname "iffimusic.info"] [uri "/stats/"] [unique_id "UgZFt7Af8OEAAHakrQQAAAAM"]
    [Sat Aug 10 16:52:55 2013] [error] [client 90.191.86.8] ModSecurity: Could not set variable "session.ua_hash" as the collection does not exist. [hostname "iffimusic.info"] [uri "/stats/"] [unique_id "UgZFt7Af8OEAAHakrQQAAAAM"]
    [Sat Aug 10 16:52:55 2013] [error] [client 90.191.86.8] ModSecurity: Could not set variable "global.missing_secure" as the collection does not exist. [hostname "iffimusic.info"] [uri "/stats/"] [unique_id "UgZFt7Af8OEAAHakrQQAAAAM"]
    [Sat Aug 10 16:52:55 2013] [error] [client 90.191.86.8] ModSecurity: Could not set variable "global.missing_charset" as the collection does not exist. [hostname "iffimusic.info"] [uri "/stats/"] [unique_id "UgZFt7Af8OEAAHakrQQAAAAM"]
    [Sat Aug 10 16:52:55 2013] [error] [client 90.191.86.8] ModSecurity: Could not set variable "global.charset_not_utf8" as the collection does not exist. [hostname "iffimusic.info"] [uri "/stats/"] [unique_id "UgZFt7Af8OEAAHakrQQAAAAM"]
    [Sat Aug 10 16:52:55 2013] [error] [client 90.191.86.8] ModSecurity: Could not set variable "global.charset_mismatch" as the collection does not exist. [hostname "iffimusic.info"] [uri "/stats/"] [unique_id "UgZFt7Af8OEAAHakrQQAAAAM"]
    [Sat Aug 10 16:52:55 2013] [error] [client 90.191.86.8] ModSecurity: Could not set variable "global.loose_domain_scope" as the collection does not exist. [hostname "iffimusic.info"] [uri "/stats/"] [unique_id "UgZFt7Af8OEAAHakrQQAAAAM"]
    [Sat Aug 10 16:52:55 2013] [error] [client 90.191.86.8] ModSecurity: Could not set variable "global.missing_httponly" as the collection does not exist. [hostname "iffimusic.info"] [uri "/stats/"] [unique_id "UgZFt7Af8OEAAHakrQQAAAAM"]
    [Sat Aug 10 16:52:55 2013] [error] [client 90.191.86.8] ModSecurity: Could not set variable "global.check_cache_control" as the collection does not exist. [hostname "iffimusic.info"] [uri "/stats/"] [unique_id "UgZFt7Af8OEAAHakrQQAAAAM"]
    [Sat Aug 10 16:52:55 2013] [error] [client 90.191.86.8] ModSecurity: Could not set variable "global.content_type_header_exists" as the collection does not exist. [hostname "iffimusic.info"] [uri "/stats/"] [unique_id "UgZFt7Af8OEAAHakrQQAAAAM"]
    [Sat Aug 10 16:52:55 2013] [error] [client 90.191.86.8] ModSecurity: Could not set variable "global.x_xss_protection_disabled" as the collection does not exist. [hostname "iffimusic.info"] [uri "/stats/"] [unique_id "UgZFt7Af8OEAAHakrQQAAAAM"]
    [Sat Aug 10 16:52:55 2013] [error] [client 90.191.86.8] ModSecurity: Could not set variable "global.x_frame_options" as the collection does not exist. [hostname "iffimusic.info"] [uri "/stats/"] [unique_id "UgZFt7Af8OEAAHakrQQAAAAM"]
    [Sat Aug 10 16:52:55 2013] [error] [client 90.191.86.8] ModSecurity: Could not set variable "global.x_content_type_options" as the collection does not exist. [hostname "iffimusic.info"] [uri "/stats/"] [unique_id "UgZFt7Af8OEAAHakrQQAAAAM"]
    [Sat Aug 10 16:52:58 2013] [crit] [client 90.191.86.8] (13)Permission denied: /var/www/iffimusic.info/web/.htaccess pcfg_openfile: unable to check htaccess file, ensure it is readable
    [Sat Aug 10 16:52:58 2013] [crit] [client 90.191.86.8] (13)Permission denied: /var/www/iffimusic.info/web/.htaccess pcfg_openfile: unable to check htaccess file, ensure it is readable
    [Sat Aug 10 16:52:58 2013] [error] [client 90.191.86.8] ModSecurity: Could not set variable "session.ip_hash" as the collection does not exist. [hostname "iffimusic.info"] [uri "/stats/"] [unique_id "UgZFurAf8OEAAHakrQUAAAAM"]
    [Sat Aug 10 16:52:58 2013] [error] [client 90.191.86.8] ModSecurity: Could not set variable "session.ua_hash" as the collection does not exist. [hostname "iffimusic.info"] [uri "/stats/"] [unique_id "UgZFurAf8OEAAHakrQUAAAAM"]
    [Sat Aug 10 16:52:58 2013] [error] [client 90.191.86.8] ModSecurity: Could not set variable "global.missing_secure" as the collection does not exist. [hostname "iffimusic.info"] [uri "/stats/"] [unique_id "UgZFurAf8OEAAHakrQUAAAAM"]
    [Sat Aug 10 16:52:58 2013] [error] [client 90.191.86.8] ModSecurity: Could not set variable "global.missing_charset" as the collection does not exist. [hostname "iffimusic.info"] [uri "/stats/"] [unique_id "UgZFurAf8OEAAHakrQUAAAAM"]
    [Sat Aug 10 16:52:58 2013] [error] [client 90.191.86.8] ModSecurity: Could not set variable "global.charset_not_utf8" as the collection does not exist. [hostname "iffimusic.info"] [uri "/stats/"] [unique_id "UgZFurAf8OEAAHakrQUAAAAM"]
    [Sat Aug 10 16:52:58 2013] [error] [client 90.191.86.8] ModSecurity: Could not set variable "global.charset_mismatch" as the collection does not exist. [hostname "iffimusic.info"] [uri "/stats/"] [unique_id "UgZFurAf8OEAAHakrQUAAAAM"]
    [Sat Aug 10 16:52:58 2013] [error] [client 90.191.86.8] ModSecurity: Could not set variable "global.loose_domain_scope" as the collection does not exist. [hostname "iffimusic.info"] [uri "/stats/"] [unique_id "UgZFurAf8OEAAHakrQUAAAAM"]
    [Sat Aug 10 16:52:58 2013] [error] [client 90.191.86.8] ModSecurity: Could not set variable "global.missing_httponly" as the collection does not exist. [hostname "iffimusic.info"] [uri "/stats/"] [unique_id "UgZFurAf8OEAAHakrQUAAAAM"]
    [Sat Aug 10 16:52:58 2013] [error] [client 90.191.86.8] ModSecurity: Could not set variable "global.check_cache_control" as the collection does not exist. [hostname "iffimusic.info"] [uri "/stats/"] [unique_id "UgZFurAf8OEAAHakrQUAAAAM"]
    [Sat Aug 10 16:52:58 2013] [error] [client 90.191.86.8] ModSecurity: Could not set variable "global.content_type_header_exists" as the collection does not exist. [hostname "iffimusic.info"] [uri "/stats/"] [unique_id "UgZFurAf8OEAAHakrQUAAAAM"]
    [Sat Aug 10 16:52:58 2013] [error] [client 90.191.86.8] ModSecurity: Could not set variable "global.x_xss_protection_disabled" as the collection does not exist. [hostname "iffimusic.info"] [uri "/stats/"] [unique_id "UgZFurAf8OEAAHakrQUAAAAM"]
    [Sat Aug 10 16:52:58 2013] [error] [client 90.191.86.8] ModSecurity: Could not set variable "global.x_frame_options" as the collection does not exist. [hostname "iffimusic.info"] [uri "/stats/"] [unique_id "UgZFurAf8OEAAHakrQUAAAAM"]
    [Sat Aug 10 16:52:58 2013] [error] [client 90.191.86.8] ModSecurity: Could not set variable "global.x_content_type_options" as the collection does not exist. [hostname "iffimusic.info"] [uri "/stats/"] [unique_id "UgZFurAf8OEAAHakrQUAAAAM"]
    [Sat Aug 10 16:53:33 2013] [crit] [client 90.191.86.8] (13)Permission denied: /var/www/iffimusic.info/web/.htaccess pcfg_openfile: unable to check htaccess file, ensure it is readable
    [Sat Aug 10 16:53:33 2013] [crit] [client 90.191.86.8] (13)Permission denied: /var/www/iffimusic.info/web/.htaccess pcfg_openfile: unable to check htaccess file, ensure it is readable
    [Sat Aug 10 16:53:33 2013] [error] [client 90.191.86.8] ModSecurity: Could not set variable "session.ip_hash" as the collection does not exist. [hostname "iffimusic.info"] [uri "/"] [unique_id "UgZF3bAf8OEAAFA7pL8AAAAC"]
    [Sat Aug 10 16:53:33 2013] [error] [client 90.191.86.8] ModSecurity: Could not set variable "session.ua_hash" as the collection does not exist. [hostname "iffimusic.info"] [uri "/"] [unique_id "UgZF3bAf8OEAAFA7pL8AAAAC"]
    [Sat Aug 10 16:53:33 2013] [error] [client 90.191.86.8] ModSecurity: Could not set variable "global.missing_secure" as the collection does not exist. [hostname "iffimusic.info"] [uri "/"] [unique_id "UgZF3bAf8OEAAFA7pL8AAAAC"]
    [Sat Aug 10 16:53:33 2013] [error] [client 90.191.86.8] ModSecurity: Could not set variable "global.missing_charset" as the collection does not exist. [hostname "iffimusic.info"] [uri "/"] [unique_id "UgZF3bAf8OEAAFA7pL8AAAAC"]
    [Sat Aug 10 16:53:33 2013] [error] [client 90.191.86.8] ModSecurity: Could not set variable "global.charset_not_utf8" as the collection does not exist. [hostname "iffimusic.info"] [uri "/"] [unique_id "UgZF3bAf8OEAAFA7pL8AAAAC"]
    [Sat Aug 10 16:53:33 2013] [error] [client 90.191.86.8] ModSecurity: Could not set variable "global.charset_mismatch" as the collection does not exist. [hostname "iffimusic.info"] [uri "/"] [unique_id "UgZF3bAf8OEAAFA7pL8AAAAC"]
    [Sat Aug 10 16:53:33 2013] [error] [client 90.191.86.8] ModSecurity: Could not set variable "global.loose_domain_scope" as the collection does not exist. [hostname "iffimusic.info"] [uri "/"] [unique_id "UgZF3bAf8OEAAFA7pL8AAAAC"]
    [Sat Aug 10 16:53:33 2013] [error] [client 90.191.86.8] ModSecurity: Could not set variable "global.missing_httponly" as the collection does not exist. [hostname "iffimusic.info"] [uri "/"] [unique_id "UgZF3bAf8OEAAFA7pL8AAAAC"]
    [Sat Aug 10 16:53:33 2013] [error] [client 90.191.86.8] ModSecurity: Could not set variable "global.check_cache_control" as the collection does not exist. [hostname "iffimusic.info"] [uri "/"] [unique_id "UgZF3bAf8OEAAFA7pL8AAAAC"]
    [Sat Aug 10 16:53:33 2013] [error] [client 90.191.86.8] ModSecurity: Could not set variable "global.content_type_header_exists" as the collection does not exist. [hostname "iffimusic.info"] [uri "/"] [unique_id "UgZF3bAf8OEAAFA7pL8AAAAC"]
    [Sat Aug 10 16:53:33 2013] [error] [client 90.191.86.8] ModSecurity: Could not set variable "global.x_xss_protection_disabled" as the collection does not exist. [hostname "iffimusic.info"] [uri "/"] [unique_id "UgZF3bAf8OEAAFA7pL8AAAAC"]
    [Sat Aug 10 16:53:33 2013] [error] [client 90.191.86.8] ModSecurity: Could not set variable "global.x_frame_options" as the collection does not exist. [hostname "iffimusic.info"] [uri "/"] [unique_id "UgZF3bAf8OEAAFA7pL8AAAAC"]
    [Sat Aug 10 16:53:33 2013] [error] [client 90.191.86.8] ModSecurity: Could not set variable "global.x_content_type_options" as the collection does not exist. [hostname "iffimusic.info"] [uri "/"] [unique_id "UgZF3bAf8OEAAFA7pL8AAAAC"]

    /var/log/apache2/suexec.log
    Code:
    [2013-08-10 15:56:29]: uid: (5005/web2) gid: (5006/client2) cmd: .php-fcgi-starter
    [2013-08-10 15:56:29]: target uid/gid (5005/5006) mismatch with directory (33/33) or program (33/33)
    [2013-08-10 15:56:29]: uid: (5005/web2) gid: (5006/client2) cmd: .php-fcgi-starter
    [2013-08-10 15:56:29]: target uid/gid (5005/5006) mismatch with directory (33/33) or program (33/33)
    [2013-08-10 15:57:18]: uid: (5007/web4) gid: (5008/client4) cmd: .php-fcgi-starter
    [2013-08-10 15:57:18]: target uid/gid (5007/5008) mismatch with directory (33/33) or program (33/33)
    [2013-08-10 15:58:02]: uid: (5007/web4) gid: (5008/client4) cmd: .php-fcgi-starter
    [2013-08-10 15:58:02]: target uid/gid (5007/5008) mismatch with directory (33/33) or program (33/33)
    [2013-08-10 15:59:10]: uid: (5003/ispconfig) gid: (5004/ispconfig) cmd: .php-fcgi-starter
    [2013-08-10 15:59:10]: target uid/gid (5003/5004) mismatch with directory (33/33) or program (33/33)
    [2013-08-10 15:59:13]: uid: (5003/ispconfig) gid: (5004/ispconfig) cmd: .php-fcgi-starter
    [2013-08-10 15:59:13]: target uid/gid (5003/5004) mismatch with directory (33/33) or program (33/33)
    [2013-08-10 16:03:50]: uid: (5003/ispconfig) gid: (5004/ispconfig) cmd: .php-fcgi-starter
    [2013-08-10 16:03:50]: target uid/gid (5003/5004) mismatch with directory (0/0) or program (0/0)
    [2013-08-10 16:03:53]: uid: (5003/ispconfig) gid: (5004/ispconfig) cmd: .php-fcgi-starter
    [2013-08-10 16:03:53]: target uid/gid (5003/5004) mismatch with directory (0/0) or program (0/0)
    [2013-08-10 16:03:55]: uid: (5003/ispconfig) gid: (5004/ispconfig) cmd: .php-fcgi-starter
    [2013-08-10 16:03:55]: target uid/gid (5003/5004) mismatch with directory (0/0) or program (0/0)
    [2013-08-10 16:05:32]: uid: (5008/web5) gid: (5005/client1) cmd: .php-fcgi-starter
    [2013-08-10 16:05:32]: target uid/gid (5008/5005) mismatch with directory (0/0) or program (0/0)
    [2013-08-10 16:05:59]: uid: (5003/ispconfig) gid: (5004/ispconfig) cmd: .php-fcgi-starter
    [2013-08-10 16:05:59]: target uid/gid (5003/5004) mismatch with directory (0/0) or program (0/0)
    [2013-08-10 16:31:56]: uid: (5003/ispconfig) gid: (5004/ispconfig) cmd: .php-fcgi-starter
    [2013-08-10 16:31:56]: target uid/gid (5003/5004) mismatch with directory (0/0) or program (0/0)
    [2013-08-10 16:34:57]: uid: (5008/web5) gid: (5005/client1) cmd: .php-fcgi-starter
    [2013-08-10 16:34:57]: target uid/gid (5008/5005) mismatch with directory (0/0) or program (0/0)
    [2013-08-10 16:40:52]: uid: (5008/web5) gid: (5005/client1) cmd: .php-fcgi-starter
    [2013-08-10 16:40:52]: target uid/gid (5008/5005) mismatch with directory (0/0) or program (0/0)
    [2013-08-10 16:42:08]: uid: (5008/web5) gid: (5005/client1) cmd: .php-fcgi-starter
    [2013-08-10 16:42:08]: target uid/gid (5008/5005) mismatch with directory (0/0) or program (0/0)
    [2013-08-10 16:42:19]: uid: (5008/web5) gid: (5005/client1) cmd: .php-fcgi-starter
    [2013-08-10 16:42:19]: target uid/gid (5008/5005) mismatch with directory (0/0) or program (0/0)
    [2013-08-10 16:42:29]: uid: (5008/web5) gid: (5005/client1) cmd: .php-fcgi-starter
    [2013-08-10 16:42:29]: target uid/gid (5008/5005) mismatch with directory (0/0) or program (0/0)
    [2013-08-10 16:42:31]: uid: (5003/ispconfig) gid: (5004/ispconfig) cmd: .php-fcgi-starter
    [2013-08-10 16:42:31]: target uid/gid (5003/5004) mismatch with directory (0/0) or program (0/0)
    [2013-08-10 16:45:28]: uid: (5003/ispconfig) gid: (5004/ispconfig) cmd: .php-fcgi-starter
    [2013-08-10 16:45:28]: target uid/gid (5003/5004) mismatch with directory (0/0) or program (0/0)
    [2013-08-10 16:45:32]: uid: (5003/ispconfig) gid: (5004/ispconfig) cmd: .php-fcgi-starter
    [2013-08-10 16:45:32]: target uid/gid (5003/5004) mismatch with directory (0/0) or program (0/0)
    [2013-08-10 16:45:33]: uid: (5003/ispconfig) gid: (5004/ispconfig) cmd: .php-fcgi-starter
    [2013-08-10 16:45:33]: target uid/gid (5003/5004) mismatch with directory (0/0) or program (0/0)
    [2013-08-10 16:51:28]: uid: (5003/ispconfig) gid: (5004/ispconfig) cmd: .php-fcgi-starter
    [2013-08-10 16:51:28]: target uid/gid (5003/5004) mismatch with directory (0/0) or program (0/0)
    I changed yesterday chown -R www-data /var/www and after that the problems started
    By now I'm experimenting with different google instructions but nothing has helped.

    I am very confused and perplexed.

    Thanks for help
     
  2. almere

    almere Member HowtoForge Supporter

    You should disable mod security.
     
  3. -IFFI_

    -IFFI_ New Member

    How to disable it???
     
  4. almere

    almere Member HowtoForge Supporter

    to the vhost of the site:

    Code:
    <IfModule mod_security2.c>
         SecRuleEngine Off
    </IfModule>
    
    OR

    Code:
    <IfModule mod_security.c>
         SecRuleEngine Off
    </IfModule>
    
     
  5. -IFFI_

    -IFFI_ New Member

    It did not help, still have the same 403 Forbidden

    I added this code
    Code:
    <IfModule mod_security2.c>
         SecRuleEngine Off
    </IfModule>
    As the end of file /etc/apache2/sites-avaible/iffimusic.info.vhost
    Code:
    <Directory /var/www/iffimusic.info>
    		AllowOverride None
    		Order Deny,Allow
    		Deny from all
    </Directory>
    
    <VirtualHost *:80>
    					DocumentRoot /var/www/iffimusic.info/web
    			
    		ServerName iffimusic.info
    		ServerAlias iffimusic.info 
        ServerAlias *.iffimusic.info
    		ServerAdmin [email protected]
    
    		ErrorLog /var/log/ispconfig/httpd/iffimusic.info/error.log
    
    		Alias /error/ "/var/www/iffimusic.info/web/error/"
    		ErrorDocument 400 /error/400.html
    		ErrorDocument 401 /error/401.html
    		ErrorDocument 403 /error/403.html
    		ErrorDocument 404 /error/404.html
    		ErrorDocument 405 /error/405.html
    		ErrorDocument 500 /error/500.html
    		ErrorDocument 502 /error/502.html
    		ErrorDocument 503 /error/503.html
    
    		<IfModule mod_ssl.c>
    		</IfModule>
    
    		<Directory /var/www/iffimusic.info/web>
    				Options FollowSymLinks
    				AllowOverride All
    				Order allow,deny
    				Allow from all
    
    				# ssi enabled
    				AddType text/html .shtml
    				AddOutputFilter INCLUDES .shtml
    				Options +Includes
    		</Directory>
    		<Directory /var/www/clients/client4/web4/web>
    				Options FollowSymLinks
    				AllowOverride All
    				Order allow,deny
    				Allow from all
    
    				# ssi enabled
    				AddType text/html .shtml
    				AddOutputFilter INCLUDES .shtml
    				Options +Includes
    		</Directory>
    
    		<IfModule mod_ruby.c>
    			<Directory /var/www/iffimusic.info/web>
    				Options +ExecCGI
    			</Directory>
    			RubyRequire apache/ruby-run
    			#RubySafeLevel 0
    			AddType text/html .rb
    			AddType text/html .rbx
    			<Files *.rb>
    				SetHandler ruby-object
    				RubyHandler Apache::RubyRun.instance
    			</Files>
    			<Files *.rbx>
    				SetHandler ruby-object
    				RubyHandler Apache::RubyRun.instance
    			</Files>
    		</IfModule>
    
    		<IfModule mod_perl.c>
    			PerlModule ModPerl::Registry
    			PerlModule Apache2::Reload
    			<Directory /var/www/iffimusic.info/web>
    				PerlResponseHandler ModPerl::Registry
    				PerlOptions +ParseHeaders
    				Options +ExecCGI
    			</Directory>
                <Files *.pl>
    				SetHandler perl-script
                </Files>
    		</IfModule>
    
    		<IfModule mod_python.c>
    			<Directory /var/www/iffimusic.info/web>
    				AddHandler mod_python .py
    				PythonHandler mod_python.publisher
    				PythonDebug On
    			</Directory>
    		</IfModule>
    
    		# cgi enabled
    	<Directory /var/www/clients/client4/web4/cgi-bin>
    			Order allow,deny
    			Allow from all
    		</Directory>
    		ScriptAlias  /cgi-bin/ /var/www/clients/client4/web4/cgi-bin/
    		AddHandler cgi-script .cgi
    		AddHandler cgi-script .pl
    		# suexec enabled
    		<IfModule mod_suexec.c>
    			SuexecUserGroup web4 client4
    		</IfModule>
    		# Clear PHP settings of this website
    		<FilesMatch "\.ph(p3?|tml)$">
    				SetHandler None
    		</FilesMatch>
    		# php as fast-cgi enabled
    	# For config options see: http://httpd.apache.org/mod_fcgid/mod/mod_fcgid.html
    		<IfModule mod_fcgid.c>
    				FcgidIdleTimeout 300
    				FcgidProcessLifeTime 3600
    				# FcgidMaxProcesses 1000
    				FcgidMaxRequestsPerProcess 5000
    				FcgidMinProcessesPerClass 0
    				FcgidMaxProcessesPerClass 100
    				FcgidConnectTimeout 3
    				FcgidIOTimeout 360
    				FcgidBusyTimeout 3600
    				FcgidMaxRequestLen 1073741824
    		</IfModule>
    		<Directory /var/www/iffimusic.info/web>
    				AddHandler fcgid-script .php .php3 .php4 .php5
    				FCGIWrapper /var/www/php-fcgi-scripts/web4/.php-fcgi-starter .php
    				Options +ExecCGI
    				AllowOverride All
    				Order allow,deny
    				Allow from all
    		</Directory>
    		<Directory /var/www/clients/client4/web4/web>
    				AddHandler fcgid-script .php .php3 .php4 .php5
    				FCGIWrapper /var/www/php-fcgi-scripts/web4/.php-fcgi-starter .php
    				Options +ExecCGI
    				AllowOverride All
    				Order allow,deny
    				Allow from all
    		</Directory>
    
    
    		# add support for apache mpm_itk
    		<IfModule mpm_itk_module>
    			AssignUserId web4 client4
    		</IfModule>
    
    		<IfModule mod_dav_fs.c>
    		# Do not execute PHP files in webdav directory
    			<Directory /var/www/clients/client4/web4/webdav>
    				<ifModule mod_security2.c>
    					SecRuleRemoveById 960015
    					SecRuleRemoveById 960032
    				</ifModule>
    				<FilesMatch "\.ph(p3?|tml)$">
    					SetHandler None
    				</FilesMatch>
    			</Directory>
    			DavLockDB /var/www/clients/client4/web4/tmp/DavLock
    			# DO NOT REMOVE THE COMMENTS!
    			# IF YOU REMOVE THEM, WEBDAV WILL NOT WORK ANYMORE!
          # WEBDAV BEGIN
    			# WEBDAV END
    		</IfModule>
    <IfModule mod_security2.c>
         SecRuleEngine Off
    </IfModule>
    </VirtualHost>
    
    Restart apache and same error 403 Forbidden

    I commented out the file /etc/apache2/apache2.conf this line
    Code:
    Include /etc/apache2/modsecurity-core-rules/*.conf
    Code:
    # This is the main Apache server configuration file.  It contains the
    # configuration directives that give the server its instructions.
    # See http://httpd.apache.org/docs/2.2/ for detailed information about
    # the directives and /usr/share/doc/apache2-common/README.Debian.gz about
    # Debian specific hints.
    #
    #
    # Summary of how the Apache 2 configuration works in Debian:
    # The Apache 2 web server configuration in Debian is quite different to
    # upstream's suggested way to configure the web server. This is because Debian's
    # default Apache2 installation attempts to make adding and removing modules,
    # virtual hosts, and extra configuration directives as flexible as possible, in
    # order to make automating the changes and administering the server as easy as
    # possible.
    
    # It is split into several files forming the configuration hierarchy outlined
    # below, all located in the /etc/apache2/ directory:
    #
    #	/etc/apache2/
    #	|-- apache2.conf
    #	|	`--  ports.conf
    #	|-- mods-enabled
    #	|	|-- *.load
    #	|	`-- *.conf
    #	|-- conf.d
    #	|	`-- *
    # 	`-- sites-enabled
    #	 	`-- *
    #
    #
    # * apache2.conf is the main configuration file (this file). It puts the pieces
    #   together by including all remaining configuration files when starting up the
    #   web server.
    #
    #   In order to avoid conflicts with backup files, the Include directive is
    #   adapted to ignore files that:
    #   - do not begin with a letter or number
    #   - contain a character that is neither letter nor number nor _-:.
    #   - contain .dpkg
    #
    #   Yet we strongly suggest that all configuration files either end with a
    #   .conf or .load suffix in the file name. The next Debian release will
    #   ignore files not ending with .conf (or .load for mods-enabled).
    #
    # * ports.conf is always included from the main configuration file. It is
    #   supposed to determine listening ports for incoming connections, and which
    #   of these ports are used for name based virtual hosts.
    #
    # * Configuration files in the mods-enabled/ and sites-enabled/ directories
    #   contain particular configuration snippets which manage modules or virtual
    #   host configurations, respectively.
    #
    #   They are activated by symlinking available configuration files from their
    #   respective *-available/ counterparts. These should be managed by using our
    #   helpers a2enmod/a2dismod, a2ensite/a2dissite. See
    #   their respective man pages for detailed information.
    #
    # * Configuration files in the conf.d directory are either provided by other
    #   packages or may be added by the local administrator. Local additions
    #   should start with local- or end with .local.conf to avoid name clashes. All
    #   files in conf.d are considered (excluding the exceptions noted above) by
    #   the Apache 2 web server.
    #
    # * The binary is called apache2. Due to the use of environment variables, in
    #   the default configuration, apache2 needs to be started/stopped with
    #   /etc/init.d/apache2 or apache2ctl. Calling /usr/bin/apache2 directly will not
    #   work with the default configuration.
    
    
    # Global configuration
    #
    
    #
    # ServerRoot: The top of the directory tree under which the server's
    # configuration, error, and log files are kept.
    #
    # NOTE!  If you intend to place this on an NFS (or otherwise network)
    # mounted filesystem then please read the LockFile documentation (available
    # at <URL:http://httpd.apache.org/docs/2.2/mod/mpm_common.html#lockfile>);
    # you will save yourself a lot of trouble.
    #
    # Do NOT add a slash at the end of the directory path.
    #
    #ServerRoot "/etc/apache2"
    
    #
    # The accept serialization lock file MUST BE STORED ON A LOCAL DISK.
    #
    LockFile ${APACHE_LOCK_DIR}/accept.lock
    
    #
    # PidFile: The file in which the server should record its process
    # identification number when it starts.
    # This needs to be set in /etc/apache2/envvars
    #
    PidFile ${APACHE_PID_FILE}
    
    #
    # Timeout: The number of seconds before receives and sends time out.
    #
    Timeout 300
    
    #
    # KeepAlive: Whether or not to allow persistent connections (more than
    # one request per connection). Set to "Off" to deactivate.
    #
    KeepAlive On
    
    #
    # MaxKeepAliveRequests: The maximum number of requests to allow
    # during a persistent connection. Set to 0 to allow an unlimited amount.
    # We recommend you leave this number high, for maximum performance.
    #
    MaxKeepAliveRequests 100
    
    #
    # KeepAliveTimeout: Number of seconds to wait for the next request from the
    # same client on the same connection.
    #
    KeepAliveTimeout 5
    
    ##
    ## Server-Pool Size Regulation (MPM specific)
    ## 
    
    # prefork MPM
    # StartServers: number of server processes to start
    # MinSpareServers: minimum number of server processes which are kept spare
    # MaxSpareServers: maximum number of server processes which are kept spare
    # MaxClients: maximum number of server processes allowed to start
    # MaxRequestsPerChild: maximum number of requests a server process serves
    <IfModule mpm_prefork_module>
    StartServers 5
    MinSpareServers 5
    MaxSpareServers 10
        MaxClients          150
    MaxRequestsPerChild 0
    </IfModule>
    
    # worker MPM
    # StartServers: initial number of server processes to start
    # MinSpareThreads: minimum number of worker threads which are kept spare
    # MaxSpareThreads: maximum number of worker threads which are kept spare
    # ThreadLimit: ThreadsPerChild can be changed to this maximum value during a
    #              graceful restart. ThreadLimit can only be changed by stopping
    #              and starting Apache.
    # ThreadsPerChild: constant number of worker threads in each server process
    # MaxClients: maximum number of simultaneous client connections
    # MaxRequestsPerChild: maximum number of requests a server process serves
    <IfModule mpm_worker_module>
        StartServers          2
        MinSpareThreads      25
        MaxSpareThreads      75 
        ThreadLimit          64
        ThreadsPerChild      25
        MaxClients          150
        MaxRequestsPerChild   0
    </IfModule>
    
    # event MPM
    # StartServers: initial number of server processes to start
    # MinSpareThreads: minimum number of worker threads which are kept spare
    # MaxSpareThreads: maximum number of worker threads which are kept spare
    # ThreadsPerChild: constant number of worker threads in each server process
    # MaxClients: maximum number of simultaneous client connections
    # MaxRequestsPerChild: maximum number of requests a server process serves
    <IfModule mpm_event_module>
        StartServers          2
        MinSpareThreads      25
        MaxSpareThreads      75 
        ThreadLimit          64
        ThreadsPerChild      25
        MaxClients          150
        MaxRequestsPerChild   0
    </IfModule>
    
    # These need to be set in /etc/apache2/envvars
    User ${APACHE_RUN_USER}
    Group ${APACHE_RUN_GROUP}
    
    #
    # AccessFileName: The name of the file to look for in each directory
    # for additional configuration directives.  See also the AllowOverride
    # directive.
    #
    
    AccessFileName .htaccess
    
    #
    # The following lines prevent .htaccess and .htpasswd files from being 
    # viewed by Web clients. 
    #
    <Files ~ "^\.ht">
        Order allow,deny
        Deny from all
        Satisfy all
    </Files>
    
    #
    # DefaultType is the default MIME type the server will use for a document
    # if it cannot otherwise determine one, such as from filename extensions.
    # If your server contains mostly text or HTML documents, "text/plain" is
    # a good value.  If most of your content is binary, such as applications
    # or images, you may want to use "application/octet-stream" instead to
    # keep browsers from trying to display binary files as though they are
    # text.
    #
    # It is also possible to omit any default MIME type and let the
    # client's browser guess an appropriate action instead. Typically the
    # browser will decide based on the file's extension then. In cases
    # where no good assumption can be made, letting the default MIME type
    # unset is suggested  instead of forcing the browser to accept
    # incorrect  metadata.
    #
    DefaultType None
    
    
    #
    # HostnameLookups: Log the names of clients or just their IP addresses
    # e.g., www.apache.org (on) or 204.62.129.132 (off).
    # The default is off because it'd be overall better for the net if people
    # had to knowingly turn this feature on, since enabling it means that
    # each client request will result in AT LEAST one lookup request to the
    # nameserver.
    #
    HostnameLookups Off
    
    # ErrorLog: The location of the error log file.
    # If you do not specify an ErrorLog directive within a <VirtualHost>
    # container, error messages relating to that virtual host will be
    # logged here.  If you *do* define an error logfile for a <VirtualHost>
    # container, that host's errors will be logged there and not here.
    #
    ErrorLog ${APACHE_LOG_DIR}/error.log
    
    #
    # LogLevel: Control the number of messages logged to the error_log.
    # Possible values include: debug, info, notice, warn, error, crit,
    # alert, emerg.
    #
    LogLevel warn
    
    # Include module configuration:
    Include mods-enabled/*.load
    Include mods-enabled/*.conf
    
    # Include list of ports to listen on and which to use for name based vhosts
    Include ports.conf
    
    #
    # The following directives define some format nicknames for use with
    # a CustomLog directive (see below).
    # If you are behind a reverse proxy, you might want to change %h into %{X-Forwarded-For}i
    #
    LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined
    LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined
    LogFormat "%h %l %u %t \"%r\" %>s %O" common
    LogFormat "%{Referer}i -> %U" referer
    LogFormat "%{User-agent}i" agent
    
    # Include of directories ignores editors' and dpkg's backup files,
    # see the comments above for details.
    
    # Include generic snippets of statements
    Include conf.d/
    
    # Include the virtual host configurations:
    Include sites-enabled/
    #Include /etc/apache2/modsecurity-core-rules/*.conf
    I still have the same 403 Forbidden error

    Restart the server, but still the same...

    If go to http://iffimusic.info/webmail/ it works
     
  6. -IFFI_

    -IFFI_ New Member

    And it does not help

    Code:
    # apt-get remove --purge apt-get libapache-mod-security 
    Reading package lists... Done
    Building dependency tree       
    Reading state information... Done
    E: Unable to locate package apt-get
    and

    Code:
    # a2dismod mod_security 
    ERROR: Module mod_security does not exist!
    
     
  7. Croydon

    Croydon ISPConfig Developer ISPConfig Developer

    The problem seems to be, that you are trying to access files and/or directories from your scripts that are owned by root! (user 0)
    The script is owned by user 5004.

    This is not permitted by suexec! The script owner has to be the same as the files and directory you want to access from the script.
     
  8. almere

    almere Member HowtoForge Supporter

    I don't think it's Suexec...

    Please, look carefully to your vhost file, you will see:

    Code:
    <ifModule mod_security2.c>
    					SecRuleRemoveById 960015
    					SecRuleRemoveById 960032
    				</ifModule>
    
    You shuold delete it, restart apache and try again.
     
  9. -IFFI_

    -IFFI_ New Member

    I removed all the vhost this line

    Code:
    <ifModule mod_security2.c>
    					SecRuleRemoveById 960015
    					SecRuleRemoveById 960032
    				</ifModule>
    Restart apache and server but still the same problem!

    What folder do I have to give them rights 5004?

    ls -l /var/www
    Code:
    drwxr-xr-x  2 root root     4096 juuli 30 19:41 adminer
    drwxr-xr-x  2 root root     4096 aug    9 15:38 apps
    drwxr-xr-x  3 root root     4096 aug    9 15:16 blogs
    drwxr-xr-x  8 root root     4096 juuli 29 15:47 clients
    drwxr-xr-x  4 root root     4096 juuli 29 12:02 conf
    drwxr-xr-x  2 root root     4096 juuli 25 17:40 css
    lrwxrwxrwx  1 root root       30 juuli 29 12:00 hiddenclients.tk -> /var/www/clients/client6/web7/
    lrwxrwxrwx  1 root root       30 juuli 28 17:49 hosting-networks.com -> /var/www/clients/client5/web6/
    lrwxrwxrwx  1 web4 client4    30 juuli 25 22:38 iffimusic.info -> /var/www/clients/client4/web4/
    drwxr-xr-x  3 root root     4096 juuli 25 17:40 img
    -rw-r--r--  1 root root     2827 juuli 25 17:53 _index.html
    -rw-r--r--  1 root root      395 aug    9 15:15 index.php
    lrwxrwxrwx  1 root root       34 juuli 25 18:25 ispconfig -> /usr/local/ispconfig/interface/web
    drwxr-xr-x  2 root root     4096 juuli 25 17:41 js
    -rw-r--r--  1 root root      409 aug    9 15:15 LEGGIMI.txt
    -rw-r--r--  1 root root    17935 aug    9 15:15 licencia.txt
    -rw-r--r--  1 root root    19929 aug    9 15:15 license.txt
    -rw-r--r--  1 root root    23149 aug    9 15:15 licens.html
    -rw-r--r--  1 root root    24880 aug    9 15:15 licenza.html
    -rw-r--r--  1 root root    10490 aug    9 15:15 liesmich.html
    drwxr-xr-x 12 root root     4096 aug    6 19:44 mail
    drwxr-xr-x  3 root root     4096 juuli 29 13:08 php-cgi-scripts
    drwxr-xr-x 11 root root     4096 juuli 29 14:19 php-fcgi-scripts
    drwxr-xr-x  7 root root     4096 juuli 30 19:38 phpMemcachedAdmin
    lrwxrwxrwx  1 root root       30 juuli 25 18:49 pumpla-hosting.com -> /var/www/clients/client1/web1/
    lrwxrwxrwx  1 root root       30 juuli 28 16:55 pumpla-hosting.tk -> /var/www/clients/client1/web5/
    lrwxrwxrwx  1 root root       30 juuli 25 21:15 pumpla-seedboxes.org -> /var/www/clients/client3/web3/
    -rw-r--r--  1 root root     9177 aug    9 15:15 readme.html
    -rw-r--r--  1 root root     3316 aug    9 15:15 readme-ja.html
    lrwxrwxrwx  1 root root       30 aug    4 08:27 tigramiehted.info -> /var/www/clients/client2/web2/
    drwxr-xr-x  2 root root     4096 aug    9 15:16 tmp
    drwxr-xr-x  2 root root     4096 aug   12 06:57 webalizer
    lrwxrwxrwx  1 root root       24 juuli 25 18:10 webmail -> /usr/share/squirrelmail/
    -rw-r--r--  1 root root     4663 aug    9 15:15 wp-activate.php
    drwxr-xr-x 10 root root     4096 aug    9 15:17 wp-admin
    -rw-r--r--  1 root root      271 aug    9 15:15 wp-blog-header.php
    -rw-r--r--  1 root root     3522 aug    9 15:15 wp-comments-post.php
    -rw-r--r--  1 root root        0 aug    9 15:15 wp-config.php
    -rw-r--r--  1 root root     3177 aug    9 15:15 wp-config-sample.php
    drwxr-xr-x  5 root root     4096 aug    9 15:18 wp-content
    -rw-r--r--  1 root root     2718 aug    9 15:15 wp-cron.php
    drwxr-xr-x  9 root root     4096 aug    9 15:25 wp-includes
    -rw-r--r--  1 root root     1997 aug    9 15:15 wp-links-opml.php
    -rw-r--r--  1 root root     2408 aug    9 15:15 wp-load.php
    -rw-r--r--  1 root root    29217 aug    9 15:15 wp-login.php
    -rw-r--r--  1 root root     7723 aug    9 15:15 wp-mail.php
    -rw-r--r--  1 root root     9899 aug    9 15:15 wp-settings.php
    -rw-r--r--  1 root root    18219 aug    9 15:15 wp-signup.php
    -rw-r--r--  1 root root     3700 aug    9 15:16 wp-trackback.php
    -rw-r--r--  1 root root     2719 aug    9 15:16 xmlrpc.php
    
    ls -l /var/www/clients
    Code:
    # ls -l /var/www/clients
    total 24
    drwxr-xr-x 4 root root 4096 aug    7 21:37 client1
    drwxr-xr-x 3 root root 4096 aug    4 08:27 client2
    drwxr-xr-x 3 root root 4096 juuli 29 17:37 client3
    drwxr-xr-x 3 root root 4096 juuli 29 18:42 client4
    drwxr-xr-x 3 root root 4096 aug    7 21:37 client5
    drwxr-xr-x 3 root root 4096 juuli 29 18:42 client6
    
     
  10. almere

    almere Member HowtoForge Supporter


    OW MY GOD!

    Why do you have your WP files in /var/www ?!
     
  11. Croydon

    Croydon ISPConfig Developer ISPConfig Developer

    Wow ;) That installation really seems to be messed up.
     
  12. -IFFI_

    -IFFI_ New Member

    This installation has been there for several months old and is only for testing .... It did not cause problems.
     
  13. Croydon

    Croydon ISPConfig Developer ISPConfig Developer

    Ok, you said you did a chown www-data recursively on /var/www
    So all websites you have are now owned by www-data, but you use fcgi php... I don't think this can work.

    You should change back the owners of the several webs.
    For example /var/www/clients/client1/web1 and its subdirectories should be owned by web1:client1
    Except the subdirectories log/ ssl/ (if existing) and web/stats/ which belong to root:root
     
  14. Croydon

    Croydon ISPConfig Developer ISPConfig Developer

    Addition to the previous:

    Is it possible that you did a chown -R root:root after your experiment with www-data?
    The suexec error messages seem to me like the fcgi starter script is still owned by the web user (e.g. web4:client12) but the web itself is owned by root:root
    So php is not allowed to access the web's php files as they don't belong to the same user as the starter script does.
     
  15. -IFFI_

    -IFFI_ New Member

    Yes, after I did back chown -R root /var/www and chown -R root:root /var/www

    Do I have to now change all the users folders rights manuali

    for example: chown -R client1:web1 /var/www/clients/clients1 and all subfolders and files?
     
  16. Croydon

    Croydon ISPConfig Developer ISPConfig Developer

    Doing that won't be enough, for each web you would have to do:

    chown -R web1:client1 /var/www/clients/client1/web1
    chown -R root:root /var/www/clients/client1/web1/ssl
    chown -R root:root /var/www/clients/client1/web1/log
    chown -R root:root /var/www/clients/client1/web1/web/stats

    I don't know if there is any possibility of making this easier.

    Just remember: NEVER NEVER NEVER EVER do anything recursively on /var/www - you will destroy something.
     
  17. Croydon

    Croydon ISPConfig Developer ISPConfig Developer

    You could try this on the bash/shell (without any warranty! although I don't think your permissions can be messed up any more *smile*):

    Code:
    for L in /var/www/clients/client* ; do
       C=`basename $L` ;
       for K in /var/www/clients/$C/web* ; do
          if [[ -d "$K" ]] ; then
             D=`basename $K` ;
             chown -R ${D}:${C} $K ;
             chown -R root:root $K/log ;
             chown -R root:root $K/ssl ;
             chown -R root:root $K/web/stats ;
          fi ;
       done ;
    done ;
    
     
    Last edited: Aug 12, 2013
  18. -IFFI_

    -IFFI_ New Member

    # chown -R web4:client4 /var/www/clients/client4/web4
    chown: changing ownership of `/var/www/clients/client4/web4': Operation not permitted
     
  19. Croydon

    Croydon ISPConfig Developer ISPConfig Developer

    You have directory protection on, so you need to use an extended version.

    Code:
    for L in /var/www/clients/client* ; do
       C=`basename $L` ;
       for K in /var/www/clients/$C/web* ; do
          if [[ -d "$K" ]] ; then
             D=`basename $K` ;
             chattr -i $K ;
             chown -R ${D}:${C} $K ;
             chown -R root:root $K/log ;
             chown -R root:root $K/ssl ;
             chown -R root:root $K/web/stats ;
             chattr +i $K ;
          fi ;
       done ;
    done ;
    
     
  20. -IFFI_

    -IFFI_ New Member

    I am just a beginner and confused, how to use it?

    after this command
    Code:
    #  chown -R web4:client4 /var/www/clients/client4/web4chown: changing ownership of `/var/www/clients/client4/web4': Operation not permitted
    
    is now error 500

    but I tried to enter the terminal
    Code:
    # for L in /var/www/clients/client* ; do
    > C=`basename $L` ;
    > for K in /var/www/clients/$C/web* ; do
    > if [[ -d "$K" ]] ; then
    > D=`basename $K` ;
    > chattr -i $K ;
    > chown -R ${D}:${C} $K ;
    > chown -R root:root $K/log ;
    > chown -R root:root $K/ssl ;
    > chown -R root:root $K/web/stats ;
    > chattr +i $K ;
    > fi ;
    > done ;
    > done ;
    
    I myself am the owner of the server, it simplifies?

    Can not help re-installing ISPConfig...make backups before and after the pack up again to go?

    I'm very confused, but thank you for any help
     

Share This Page