Hi ! I keep having this error : 501 Method Not Implemented Post to /dir/... not Supported it happens with Openads and also a Joomla module i have just installed, i really do not know what may be the reason of this error. Can you please help! i Have Apache 2.2.0, PHP 5.1.6 and MySQL 5.0.27 running on FC6 and ISP 2.2.15 Instaled. Thanks !
Apache Error Log Thanks Falko for replying, this is what i get when i do : tail -f /var/log/httpd/error_log [Sun Aug 05 16:40:05 2007] [error] an unknown filter was not added: PHP [Sun Aug 05 16:43:19 2007] [error] an unknown filter was not added: PHP [Sun Aug 05 16:43:19 2007] [error] an unknown filter was not added: PHP [Sun Aug 05 16:43:22 2007] [error] an unknown filter was not added: PHP [Sun Aug 05 16:43:22 2007] [error] an unknown filter was not added: PHP Do you have any clue or is there any error log file ?
website error log Ok i have look to /var/www/web16/log/error.log and i have alot of records last ones are about mod_security so here is some output of that file : [Mon Aug 06 03:38:24 2007] [error] [client 192.168.0.198] ModSecurity: Request body is larger than the configured limit (131072). [hostname "www.myhostname.com"] [uri "/administrator/index2.php"] [unique_id "-mE8l8CoAMUAAAvkYWoAAAAC"] [Mon Aug 06 03:41:04 2007] [error] [client 192.168.0.198] PHP Fatal error: Call to a member function toArray() on a non-object in /var/www/web16/web/Openads/lib/max/Dal/Admin/Zones.php on line 99, referer: http://www.myhostname.com/Openads/www/admin/zone-invocation.php [Mon Aug 06 03:41:07 2007] [error] [client 192.168.0.198] PHP Fatal error: Call to a member function toArray() on a non-object in /var/www/web16/web/Openads/lib/max/Dal/Admin/Zones.php on line 99, referer: http://www.myhostname.com/Openads/www/admin/zone-invocation.php [Mon Aug 06 03:41:15 2007] [error] [client 192.168.0.198] ModSecurity: Access denied with code 501 (phase 2). Pattern match "(?:\\\\b(??:n(?:et(?:\\\\b\\\\W+?\\\\blocalgroup|\\\\.exe)|(?:map|c)\\\\.exe)|t(?:racer(?ute|t)|elnet\\\\.exe|clsh8?|ftp)|(?:w(?:guest|sh)|rcmd|ftp)\\\\.exe|echo\\\\b\\\\W*?\\\\by+)\\\\b|c(?:md(??:32)?\\\\.exe\\\\b|\\\\b\\\\W*?\\\\/c)|d(?:\\\\b\\\\W*?[\\\\\\\\/]|\\\\W*?\\\\.\\\\.)|hmod.{0,40}? ..." at ARGS:bannercode. [id "950006"] [msg "System Command Injection. Matched signature <;\\r\\n\\r\\n echo>"] [severity "CRITICAL"] [hostname "www.myhostname.com"] [uri "/Openads/www/admin/zone-invocation.php"] [unique_id "CJipEcCoAMUAAAviX@EAAAAA"]
took away mod_security Ok i took away everything that i added about mod_security in /etc/httpd/conf.d/mod_security.conf . Now i do not have any errors about mod_security but still have : 501 Post Method not Implemented Error. Thanks.
To fix these errors, take a look here: http://www.howtoforge.com/forums/showthread.php?t=4770&highlight=$go_info["server"]["apache2_php"]
501 Method Not Implemented Thanks Till and Falko for the amaizing support we're getting on this forum. I have change the line: $go_info["server"]["apache2_php"] = 'both'; to: $go_info["server"]["apache2_php"] = 'addtype'; in the file /home/admispconfig/ispconfig/lib/config.inc.php and made minor modification to a website and save it in ispconfig. Now the error has disappeared from the website error logfile. BUT I still have the same error : 501 Method not Implemented and this is due to mod_security according to the error.log in /var/www/web16/lo/error.log [Tue Aug 07 01:49:08 2007] [error] [client X.X.X.X] ModSecurity: Access denied with code 501 (phase 2). Pattern match "(?:\\\\b(??:n(?:et(?:\\\\b\\\\W+?\\\\blocalgroup|\\\\.exe)|(?:map|c)\\\\.exe)|t(?:racer(?ute|t)|elnet\\\\.exe|clsh8?|ftp)|(?:w(?:guest|sh)|rcmd|ftp)\\\\.exe|echo\\\\b\\\\W*?\\\\by+)\\\\b|c(?:md(??:32)?\\\\.exe\\\\b|\\\\b\\\\W*?\\\\/c)|d(?:\\\\b\\\\W*?[\\\\\\\\/]|\\\\W*?\\\\.\\\\.)|hmod.{0,40}? ..." at ARGS:bannercode. [id "950006"] [msg "System Command Injection. Matched signature <;\\r\\n\\r\\n echo>"] [severity "CRITICAL"] [hostname "www.pronobol.com.bo"] [uri "/Openads/www/admin/zone-invocation.php"] [unique_id "lXXsdMColSsAACHMJywAAAAB"] After verifying i noticed that there is a bug with mod_security.i386 version 2.1.1-1.fc6 that i have installed through Yum on FC6. The new version modsecurity-apache_2.1.2.tar.gz is said to fix that bug. But i cannot install it because the directories : top_srcdir = ${top_dir} top_builddir = ${top_dir} ${top_builddir}/build/special.mk in the Makefile does not match on my FC6 Box. Any Help? Thanks. Also : httpd -t gives me the following warnings because i added some stupid Vhost directives in ispconfig but when Till told me to remove that mistake i belive it was to late. Anything to get rid of this warning or it is fine like that : [Tue Aug 07 02:10:49 2007] [warn] module security2_module is already loaded, skipping [Tue Aug 07 02:10:49 2007] [warn] module unique_id_module is already loaded, skipping [Tue Aug 07 02:10:49 2007] [warn] NameVirtualHost X.X.X.X:80 has no VirtualHosts Syntax OK Thanks.
Still 501 Method Not Implemented Thanks Till and Falko for the amaizing support we're getting on this forum. I have change the line: $go_info["server"]["apache2_php"] = 'both'; to: $go_info["server"]["apache2_php"] = 'addtype'; in the file /home/admispconfig/ispconfig/lib/config.inc.php and made minor modification to a website and save it in ispconfig. Now the error has disappeared from the website error logfile. BUT I still have the same error : 501 Method not Implemented and this is due to mod_security according to the error.log in /var/www/web16/lo/error.log [Tue Aug 07 01:49:08 2007] [error] [client X.X.X.X] ModSecurity: Access denied with code 501 (phase 2). Pattern match "(?:\\\\b(??:n(?:et(?:\\\\b\\\\W+?\\\\blocalgroup|\\\\.exe)|(?:map|c)\\\\.exe)|t(?:racer(?ute|t)|elnet\\\\.exe|clsh8?|ftp)|(?:w(?:guest|sh)|rcmd|ftp)\\\\.exe|echo\\\\b\\\\W*?\\\\by+)\\\\b|c(?:md(??:32)?\\\\.exe\\\\b|\\\\b\\\\W*?\\\\/c)|d(?:\\\\b\\\\W*?[\\\\\\\\/]|\\\\W*?\\\\.\\\\.)|hmod.{0,40}? ..." at ARGS:bannercode. [id "950006"] [msg "System Command Injection. Matched signature <;\\r\\n\\r\\n echo>"] [severity "CRITICAL"] [hostname "www.pronobol.com.bo"] [uri "/Openads/www/admin/zone-invocation.php"] [unique_id "lXXsdMColSsAACHMJywAAAAB"] After verifying i noticed that there is a bug with mod_security.i386 version 2.1.1-1.fc6 that i have installed through Yum on FC6. The new version modsecurity-apache_2.1.2.tar.gz is said to fix that bug. But i cannot install it because the directories : top_srcdir = ${top_dir} top_builddir = ${top_dir} ${top_builddir}/build/special.mk in the Makefile does not match on my FC6 Box. Any Help? Thanks. Also : httpd -t gives me the following warnings because i added some stupid Vhost directives in ispconfig but when Till told me to remove that mistake i belive it was to late. Anything to get rid of this warning or it is fine like that : [Tue Aug 07 02:10:49 2007] [warn] module security2_module is already loaded, skipping [Tue Aug 07 02:10:49 2007] [warn] module unique_id_module is already loaded, skipping [Tue Aug 07 02:10:49 2007] [warn] NameVirtualHost X.X.X.X:80 has no VirtualHosts Syntax OK Thanks.
link for modsecurity-apache_2.1.2.tar.gz the link for modsecurity-apache_2.1.2.tar.gz is : http://www.modsecurity.org/download/modsecurity-apache_2.1.2.tar.gz thanks.
Disabling mod_security2 Thanks Falko, I think this is the best solution for now. So to disable mod_secutrity2, should i do : SecFilterEngine Off SecFilterScanPOST Off in the mod_security.conf file and that´s all ? llamy.
I'd comment out the mod_security2 module in your Apache configuration and also all mod_security2 directives.
