
Tuesday 23 October 2012

cPanel CloudLinux Installation/Uninstallation

CloudLinux greatly increases the stability of a shared hosting environment through its resource limit feature, which prevents sudden resource spikes from taking down the entire server.
With CloudLinux you can define the maximum CPU, memory, concurrent connections and number of cores per LVE.

Cloud Linux Installation ::

Below are the few simple steps to complete the installation ::
root@server[#] wget http://repo.cloudlinux.com/cloudlinux/sources/cln/cpanel2cl

root@server[#] sh cpanel2cl -k <activation_key>


root@server[#] reboot


root@server[#] /scripts/easyapache --build


root@server[#] yum install cpanel-lve -y


root@server[#] yum install cpanel-lvemanager -y


root@server[#] yum install lve-cpanel-plugin -y


Installing and Configuring mod_hostinglimits if not already loaded with default installation

root@server[#] wget http://repo.cloudlinux.com/cloudlinux/sources/mod_hostinglimits.tar.gz

root@server[#] tar -zxvf mod_hostinglimits.tar.gz


root@server[#] cd mod_hostinglimits


root@server[#] cmake CMakeLists.txt


root@server[#] make install


And then add the below line in the httpd.conf to load the mod_hostinglimits module in Apache

LoadModule hostinglimits_module modules/mod_hostinglimits.so

Cloud Linux Uninstallation ::


Follow the below steps to uninstall CloudLinux safely ::

Before uninstalling CloudLinux, check whether your server has CloudLinux installed:

/usr/local/cpanel/bin/cloudlinux_system_install -c

1 > Update your CentOS-provided RPMs
root@server[#] yum upgrade -y

2 > Recompile Apache and prevent linking to liblve
root@server[#] /scripts/easyapache --build

3 > Re-install your Non-CloudLinux Kernel
root@server[#] yum --disableexcludes=all install kernel

4 > Remove CloudLinux Kernel
root@server[#] rpm -qa |awk '/^kernel.*lve/ {print $1|"xargs yum -y erase"}'

5 > Reinstall any CloudLinux-provided RPMs that are also provided by CentOS
root@server[#] rpm -qa --qf "[%{VENDOR} %{NAME}\n]"|awk '/CloudLinux/ {print $2|"xargs yum reinstall -y"}'

6 > Downgrade any CloudLinux provided RPMs to the CentOS version
root@server[#] rpm -qa --qf "[%{VENDOR} %{NAME}\n]"|awk '/CloudLinux/ {print $2|"xargs yum downgrade -y"}'

7 > Remove any remaining CloudLinux specific RPMs
root@server[#] rpm -qa --qf "[%{VENDOR} %{NAME}\n]"|awk '/CloudLinux/ {print $2|"xargs yum erase -y"}'

8 > Upgrade any downgraded CentOS provided RPMs
root@server[#] yum upgrade -y

9 > Reboot the server to use the new non-CloudLinux kernel
root@server[#] reboot






Saturday 30 June 2012

cpsrvd not running

If cPanel is not running on the server and you get the following:

# service cpanel status

cpsrvd dead but pid file exists
entropychat is stopped
melange is stopped
stunnel is stopped
interchange is stopped
qrunner is stopped

Then, if you try to restart cpsrvd and get the following error:

# /usr/local/cpanel/cpsrvd restart

Cwd object version 3.11 does not match $Cwd::VERSION 3.14

Then try running the following to fix the problem:

rm -rf /usr/local/cpanel/modules-install/pro-*   # remove the old version of the pro modules
echo -n > /var/cpanel/addonmoduleversions/pro
/scripts/upcp --force

This will fix the problem and cPanel will start working again.

Tuesday 26 June 2012

CPanel Proxy - WHM Proxy Domain

What is CPanel Proxy Support?

cPanel proxy support allows you to access domain.com/cpanel and domain.com/webmail as subdomains. Additionally, the normal cPanel ports for both the control panel and webmail are proxied through port 80. Quite a few firewalls block 2082, 2083, etc., as they are not standard ports.

The following once enabled should work:
http://cpanel.domain.com
http://webmail.domain.com
http://whm.domain.com

Requirements
CPanel
mod_rewrite
mod_proxy

How to enable CPanel Proxy

1. Open the WHM and access tweak settings:

Main >> Server Configuration >> Tweak Settings

2. Enable the following options:

Add proxy VirtualHost to httpd.conf to automatically redirect unconfigured cpanel, webmail, webdisk and whm subdomains to the correct port (requires mod_rewrite and mod_proxy)

Automatically create cpanel, webmail, webdisk and whm proxy subdomain DNS entries for new accounts. When this is initially enabled it will add appropriate proxy
subdomain DNS entries to all existing accounts. (Use /scripts/proxydomains to reconfigure the DNS entries manually)


This will set up all new accounts with the proper records; existing ones will need to be added via the /scripts/proxydomains script.

I would recommend disabling this one as you probably don’t want a client to break the setup for their domain trying to fix it:

Allow users to create cpanel, webmail, webdisk and whm subdomains that override automatically generated proxy subdomains

3. For existing accounts, open a shell prompt as root. All you need to do now is set up the subdomains so that customers can access them. The best way to do this is to specify the username:
Example:
/scripts/proxydomains --user=username add
Usage:
/scripts/proxydomains --user=mycpaneluser add
To do all accounts on the server (which can take a while):
/scripts/proxydomains add
To list all the options for this script simply type
/scripts/proxydomains 

4. Add this to httpd.conf

# CPANEL/WHM/WEBMAIL/WEBDISK PROXY SUBDOMAINS
<VirtualHost xx.xx.xx:80 *>
    ServerName $hostname
    ServerAlias cpanel.* whm.* webmail.* webdisk.*
    DocumentRoot /usr/local/apache/htdocs
    ServerAdmin system@hostname
    <IfModule mod_security2.c>
        SecRuleEngine Off
    </IfModule>
    UserDir disable
    RewriteEngine On
    <IfModule core.c>
        SSLProxyEngine On
    </IfModule>
    RewriteCond %{HTTP_HOST} ^cpanel\.
    RewriteCond %{HTTPS} on
    RewriteRule ^/(.*) https://127.0.0.1:2083/$1 [P]
    RewriteCond %{HTTP_HOST} ^webmail\.
    RewriteCond %{HTTPS} on
    RewriteRule ^/(.*) https://127.0.0.1:2096/$1 [P]
    RewriteCond %{HTTP_HOST} ^whm\.
    RewriteCond %{HTTPS} on
    RewriteRule ^/(.*) https://127.0.0.1:2087/$1 [P]
    RewriteCond %{HTTP_HOST} ^webdisk\.
    RewriteCond %{HTTPS} on
    RewriteRule ^/(.*) https://127.0.0.1:2078/$1 [P]
    RewriteCond %{HTTP_HOST} ^cpanel\.
    RewriteRule ^/(.*) http://127.0.0.1:2082/$1 [P]
    RewriteCond %{HTTP_HOST} ^webmail\.
    RewriteRule ^/(.*) http://127.0.0.1:2095/$1 [P]
    RewriteCond %{HTTP_HOST} ^whm\.
    RewriteRule ^/(.*) http://127.0.0.1:2086/$1 [P]
    RewriteCond %{HTTP_HOST} ^webdisk\.
    RewriteRule ^/(.*) http://127.0.0.1:2077/$1 [P]
    UseCanonicalName Off
</VirtualHost> 

Saturday 16 June 2012

How to upgrade MySQL 5.0 to MySQL 5.1 cPanel

How to upgrade MySQL 5.0 to MySQL 5.1 in a cPanel server
Login as root and edit /var/cpanel/cpanel.config.
Replace :
mysql-version=5.0 with
mysql-version=5.1
Finally run: /scripts/mysqlup

Squid and password authentication

yum install squid
Example of squid.conf
http_port 10000
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
auth_param basic program /usr/lib/squid/ncsa_auth /etc/squid/passwd
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
auth_param basic casesensitive off
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
acl all src 0.0.0.0/0.0.0.0
acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl ncsa_users proxy_auth REQUIRED
http_access deny !Safe_ports
http_access allow ncsa_users
visible_hostname mysite.com
coredump_dir /var/spool/squid
service squid start
Setting proxy for wget:
export http_proxy=http://anton:testinsg@mysite:10000
If you want to make it anonymous add these lines:
forwarded_for off
header_access Allow allow all
header_access Authorization allow all
header_access WWW-Authenticate allow all
header_access Proxy-Authorization allow all
header_access Proxy-Authenticate allow all
header_access Cache-Control allow all
header_access Content-Encoding allow all
header_access Content-Length allow all
header_access Content-Type allow all
header_access Date allow all
header_access Expires allow all
header_access Host allow all
header_access If-Modified-Since allow all
header_access Last-Modified allow all
header_access Location allow all
header_access Pragma allow all
header_access Accept allow all
header_access Accept-Charset allow all
header_access Accept-Encoding allow all
header_access Accept-Language allow all
header_access Content-Language allow all
header_access Mime-Version allow all
header_access Retry-After allow all
header_access Title allow all
header_access Connection allow all
header_access Proxy-Connection allow all
header_access Cookie allow all
header_access Set-Cookie allow all
header_access All deny all
acl ip4 myaclname yourip
tcp_outgoing_address yourip myaclname
Generate acl and tcp_outgoing_address:
for f in {314..372}; do echo "acl ip$((f))" myip aaa.bbb.ccc.$((f-246)) >> "blah1"; done
for f in {314..372}; do echo "tcp_outgoing_address aaa.bbb.ccc.$((f-246))" ip$((f)) >> "blah1"; done

How to redirect my website to be opened through HTTPS?

In order to redirect your website to be opened through HTTPS, you should add the following rewrite rule in your .htaccess file:
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule .* https://www.domain.com%{REQUEST_URI} [R,L]
This will redirect your domain to https://www.yourdomain.com. If you wish the redirect to work without www, you should remove it from the rewrite rule:
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule .* https://domain.com%{REQUEST_URI} [R,L]

Add swap on Linux

[root@host ~]# dd if=/dev/zero of=/swapfile bs=1024 count=1048576
1048576+0 records in
1048576+0 records out
[root@host ~]# sync
[root@host ~]# chmod 600 /swapfile
[root@host ~]# mkswap /swapfile
Setting up swapspace version 1, size = 1073737 kB
[root@host ~]# swapon /swapfile
[root@host ~]# echo "/swapfile swap swap defaults 0 0" >> /etc/fstab

Skip i386 packages on an x86_64 system

I have just installed CentOS 5.5 by using the Netinstall version. It seems that on my x86_64 system I have a lot of i386 packages installed. To remove them I had to:
yum -C list installed | grep i386 | awk '{print $1}' | xargs yum remove -y
Also edit /etc/yum.conf and add :
exclude=*.i386 *.i486 *.i586 *.i686 *.athlon

Setting a PPTP VPN in CentOS 5.6

Setting up a PPTP VPN in CentOS. I’m using the following commands to set up the VPN:
yum remove -y pptpd ppp
iptables --flush POSTROUTING --table nat
iptables --flush FORWARD
rm -rf /etc/pptpd.conf
rm -rf /etc/ppp
rpm -Uvh http://poptop.sourceforge.net/yum/stable/rhel5/pptp-release-current.noarch.rpm
yum --enablerepo=poptop-stable install pptpd
mknod /dev/ppp c 108 0
echo 1 > /proc/sys/net/ipv4/ip_forward
echo "mknod /dev/ppp c 108 0" >> /etc/rc.local
echo "echo 1 > /proc/sys/net/ipv4/ip_forward" >> /etc/rc.local
echo "localip 172.16.36.1" >> /etc/pptpd.conf
echo "remoteip 172.16.36.2-254" >> /etc/pptpd.conf
echo "ms-dns 8.8.8.8" >> /etc/ppp/options.pptpd
echo "ms-dns 8.8.4.4" >> /etc/ppp/options.pptpd
pass=`openssl rand -base64 6`
if [ "$1" != "" ]
then pass=$1
fi
read -p "User: " user
echo "${user} pptpd ${pass} *" >> /etc/ppp/chap-secrets
iptables -t nat -A POSTROUTING -s 172.16.36.0/24 -j SNAT --to-source `ifconfig | grep 'inet addr:'| grep -v '127.0.0.1' | cut -d: -f2 | awk 'NR==1 { print $1}'`
iptables -A FORWARD -p tcp --syn -s 172.16.36.0/24 -j TCPMSS --set-mss 1356
service iptables save
chkconfig iptables on
chkconfig pptpd on
service iptables start
service pptpd start
echo "VPN username is ${user}, VPN password is ${pass}"

Monday 21 May 2012

About exim tutorial

Exim is a mail transfer agent (MTA) used on Unix-like operating systems.

To print a list of the messages in the queue:
# exim -bp

To remove all messages from the queue:
# exim -bp | exiqgrep -i | xargs exim -Mrm

Testing email with exim
# exim -v 'user@domain'
# message here
# ^D ( control D )

This will use exim from the command line to create an email message To: user@domain. After typing the message, use Control+D to send the EOF (end of file) characters to exim. Exim will stop receiving input from the command line and send the message text to user@domain.

How to limit the number of emails sent by each user (prevent spammer) with DA.
http://help.directadmin.com/item.php?id=81

Wednesday 9 May 2012

Fix Apache – No space left on device: Couldn’t create accept lock

This issue is related to semaphores. To view how many semaphores you have use:
root@hal [~]# sysctl -a | egrep kernel.sem\|kernel.msgmni
kernel.sem = 250 32000 32 128
kernel.msgmni = 16
You can change these values by adding them to /etc/sysctl.conf and then running sysctl -p to activate them.
There is no need to reboot.
To remove semaphores, use any one of these commands:
for i in `ipcs -s | grep nobody | awk '{print $2}'`; do ipcrm -s $i; done
/scripts/restartsrv_httpd
or in Perl
ipcs -s | grep nobody | perl -e 'while (<STDIN>) { @a=split(/\s+/); print `ipcrm sem $a[1]`}'
or with xargs
ipcs -s | grep nobody | awk '{ print $2 }' | xargs -n 1 ipcrm -s
or bash style
for ipsemId in $(ipcs -s | grep nobody | cut -f 2 -d ' '); do ipcrm -s $ipsemId; done
Other errors :
Cannot create SSLMutex
add in httpd.conf
SSLMutex sem

Tuesday 8 May 2012

Nginx + php 5.2.17 + php-fpm

Download the needed packages and store them in /usr/src:
http://us.php.net/distributions/php-5.2.17.tar.gz
http://php-fpm.org/downloads/php-5.2.17-fpm-0.5.14.diff.gz
http://nginx.org/download/nginx-1.1.0.tar.gz
Then run :
tar -xvzf php-5.2.17.tar.gz
gzip -cd php-5.2.17-fpm-0.5.14.diff.gz | sudo patch -d php-5.2.17 -p1
cd php-5.2.17
./configure --enable-fastcgi --enable-fpm --with-mcrypt --with-zlib --enable-mbstring --enable-pdo --with-curl --disable-debug --with-pic --disable-rpath --enable-inline-optimization --with-bz2 --enable-xml --with-zlib --enable-sockets --enable-sysvsem --enable-sysvshm --enable-pcntl --enable-mbregex --with-mhash --with-xsl --enable-zip --with-pcre-regex --with-gd --without-pdo-sqlite --with-pdo-mysql --without-sqlite --with-jpeg-dir=/usr/lib --with-png-dir=/usr/lib --with-mysql --enable-bcmath --enable-calendar --enable-exif --enable-ftp --with-gettext --with-imap --with-mysqli --with-openssl --with-kerberos --with-imap-ssl --enable-dbase --with-gmp --enable-shmop --enable-wddx
make all install
Note that you can add --prefix to install the binaries in a different location than the default one.
After compilation is done :
strip /usr/local/bin/php-cgi
cp sapi/cgi/fpm/php-fpm /etc/init.d/
chmod +x /etc/init.d/php-fpm
cp /usr/src/php-5.2.17/php.ini-recommended /usr/local/lib/php.ini
mkdir /etc/php/
ln -s /usr/local/lib/php.ini /etc/php/php.ini
ln -s /usr/local/etc/php-fpm.conf /etc/php/php-fpm.conf
Make sure you edit /etc/php/php-fpm.conf and set the proper user/group (and permissions if that's the case).
Then compile Nginx:
tar zxvf nginx-1.1.0.tar.gz
cd nginx-1.1.0
./configure --sbin-path=/usr/local/sbin --with-http_ssl_module --without-mail_pop3_module --without-mail_imap_module --without-mail_smtp_module --with-http_stub_status_module
make && sudo make install
As with PHP, you can set --prefix here.

Script to autorestart httpd server if it fails

I use this script on a cPanel server. If the output of the pgrep command is 0 then the $restart command is issued.
#!/bin/bash
restart="/scripts/restartsrv_httpd"
pgrep httpd || $restart
exit 0
If it's a VPS then I might add this to clear the semaphore arrays.
for i in `ipcs -s | grep nobody | awk '{print $2}'`; do ipcrm -s $i; done
Then I put this script into Cron to run every 5 minutes.
# MIN HOUR DAYOFMONTH MONTH DAYOFWEEK COMMAND
*/5 * * * * /root/checkhttp.sh

Monitoring users with last and lastb

Probably all of you already know about the "last" command and what it outputs.
For example, here is what mine says:
[aibo@lap ~]$ last | more
giani    pts/2        :0.0             Tue Oct 14 21:45   still logged in
giani    pts/6        :0.0             Tue Oct 14 21:06   still logged in
abo     pts/5        :pts/3:S.1       Tue Oct 14 21:06   still logged in
abo     pts/4        :pts/3:S.0       Tue Oct 14 21:05   still logged in
abo     pts/3        lap.x83.net      Tue Oct 14 21:05   still logged in
It is very important to choose strong passwords for all accounts, especially root, since it is the #1 attacked account.
Another nice tool is "lastb", which shows the last failed logins.
Top 5 most recently attacked accounts
[root@lap ~]# lastb | awk '{print $1}' | sort | uniq -c | sort -rn | head -5
      7 root
      2 rancid
      2 giany
      1 btmp
      1
Top 5 most attacked accounts
[root@lap ~]# awk 'gsub(".*sshd.*Failed password for (invalid user )?", "") {print $1}' /var/log/secure* | sort | uniq -c | sort -rn | head -5
    144 root
     30 test
     18 admin
      9 user
      6 webmaster
Top 5 attacker IP addresses
[root@lap ~]# awk 'gsub(".*sshd.*Failed password for (invalid user )?", "") {print $3}' /var/log/secure* | sort | uniq -c | sort -rn | head -5
    397 124.109.44.155
    128 206.169.122.212
    107 89.179.174.40
     24 83.17.92.138
     15 85.25.151.96
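
The two awk one-liners above, folded into a single pass that also flags busy sources, as an added example that is not part of the original post. The function names, the threshold argument and the sample log lines are constructed for illustration; the client address is read from the end of each line because the user name is client-supplied text and may contain spaces.

```shell
#!/bin/sh
# Added example (not from the original post): one-pass summary of sshd
# "Failed password" lines in the /var/log/secure format shown above.

# Constructed sample input; addresses are from documentation ranges.
sample_secure_log() {
cat <<'EOF'
Oct 14 21:01:10 lap sshd[2101]: Failed password for root from 192.0.2.10 port 40022 ssh2
Oct 14 21:01:12 lap sshd[2101]: Failed password for root from 192.0.2.10 port 40022 ssh2
Oct 14 21:01:15 lap sshd[2103]: Failed password for invalid user test from 192.0.2.10 port 40031 ssh2
Oct 14 21:02:40 lap sshd[2110]: Failed password for invalid user admin from 198.51.100.7 port 51514 ssh2
Oct 14 21:03:02 lap sshd[2114]: Accepted password for giani from 203.0.113.5 port 50122 ssh2
Oct 14 21:03:30 lap sshd[2120]: Failed password for invalid user a from 203.0.113.99 port 1 ssh2 from 198.51.100.7 port 51600 ssh2
EOF
}

# summarize_failures THRESHOLD  (log on stdin)
# Emits "user <count> <name>", "ip <count> <addr>" and, for every source
# with at least THRESHOLD failures, "ALERT <addr> <count>".
summarize_failures() {
    awk -v threshold="$1" '
        $5 ~ /^sshd\[[0-9]+\]:$/ && $6 == "Failed" && $7 == "password" &&
        $8 == "for" && NF >= 13 && $(NF-4) == "from" && $(NF-2) == "port" {
            # Take the address relative to the END of the line: counting
            # fields from the left can pick up a value embedded in the
            # user name instead of the real peer address.
            ip = $(NF-3)
            start = ($9 == "invalid" && $10 == "user") ? 11 : 9
            if (start > NF - 5) {
                user = "(empty)"
            } else {
                user = $start
                for (k = start + 1; k <= NF - 5; k++) user = user " " $k
            }
            users[user]++
            ips[ip]++
        }
        END {
            for (u in users) print "user", users[u], u
            for (i in ips)   print "ip", ips[i], i
            for (i in ips) if (ips[i] >= threshold) print "ALERT", i, ips[i]
        }
    ' | LC_ALL=C sort -k1,1 -k2,2nr
}

# Stand-alone run on the sample: sample_secure_log | summarize_failures 3
# On a server: cat /var/log/secure* | summarize_failures 50
```
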

Repair a MySQL database

When we try to repair a MySQL database we can stop the service. If you are using the MyISAM engine I recommend using myisamchk. A basic repair command could look like this:
myisamchk -r -q -p -v --sort_buffer_size=2000M /var/lib/mysql/database/table.MYI
The parameters used are the following:
* -r recovery mode
* -q quick recovery, the most common one. If this mode does not work you will have to do some research on your own.
* -p creates the keys to be repaired in parallel threads.
* -v verbose mode
* --sort_buffer_size= use this to indicate the size of the buffer used to sort the keys. If you do not specify this value, or the value you specify is too small, you will see something like this: myisamchk: error: myisam_sort_buffer_size is too small. To solve this, increase the size of the buffer; if the error still appears then you have an extremely big table.

Wednesday 25 April 2012

Disable mod security

To disable mod_security, use these .htaccess directives:

<IfModule mod_security.c>
SecFilterScanPOST Off
</IfModule>

and

<IfModule mod_security.c>
SecFilterEngine off
</IfModule>

<IfModule mod_security2.c>
SecRuleEngine Off
</IfModule>

So I had to edit my whitelist.conf here:

/usr/local/apache/conf/modsec2/whitelist.conf

and added:

<LocationMatch "/wp-admin/post.php">
SecRuleRemoveById 300015 3000016 3000017
</LocationMatch>

<LocationMatch "/wp-admin/admin-ajax.php">
SecRuleRemoveById 300015 3000016 3000017
</LocationMatch>

<LocationMatch "/wp-admin/page.php">
SecRuleRemoveById 300015 300016 300017
</LocationMatch>

Example WP:

<LocationMatch "/wp-admin/post.php">
  SecRuleRemoveById 300015 300016 300017 950907 950005 950006 960008 960011 960904
  SecRuleRemoveById phpids-17
  SecRuleRemoveById phpids-20
  SecRuleRemoveById phpids-21
  SecRuleRemoveById phpids-30
  SecRuleRemoveById phpids-61
</LocationMatch>

<LocationMatch "/wp-admin/admin-ajax.php">
  SecRuleRemoveById 300015 300016 300017 950907 950005 950006 960008 960011 960904
  SecRuleRemoveById phpids-17
  SecRuleRemoveById phpids-20
  SecRuleRemoveById phpids-21
  SecRuleRemoveById phpids-30
  SecRuleRemoveById phpids-61
</LocationMatch>

<LocationMatch "/wp-admin/page.php">
  SecRuleRemoveById 300015 300016 300017 950907 950005 950006 960008 960011 960904
  SecRuleRemoveById phpids-17
  SecRuleRemoveById phpids-20
  SecRuleRemoveById phpids-21
  SecRuleRemoveById phpids-30
  SecRuleRemoveById phpids-61
</LocationMatch>

<LocationMatch "/wp-admin/options.php">
  SecRuleRemoveById 300015 300016 300017 950907 950005 950006 960008 960011 960904
  SecRuleRemoveById phpids-17
  SecRuleRemoveById phpids-20
  SecRuleRemoveById phpids-21
  SecRuleRemoveById phpids-30
  SecRuleRemoveById phpids-61
</LocationMatch>

<LocationMatch "/wp-admin/theme-editor.php">
  SecRuleRemoveById 300015 300016 300017 950907 950005 950006 960008 960011 960904
  SecRuleRemoveById phpids-17
  SecRuleRemoveById phpids-20
  SecRuleRemoveById phpids-21
  SecRuleRemoveById phpids-30
  SecRuleRemoveById phpids-61
</LocationMatch>

<LocationMatch "/wp-includes/">
  SecRuleRemoveById 960010 960012 950006
  SecRuleRemoveById phpids-17
  SecRuleRemoveById phpids-20
  SecRuleRemoveById phpids-21
  SecRuleRemoveById phpids-30
  SecRuleRemoveById phpids-61
</LocationMatch>
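
To review how much of the rule set a whitelist like the one above switches off, the following added example (not part of the original post) lists every exclusion with its scope and separates blanket engine-off directives from per-URL rule removals. The function names, the output labels and the sample configuration are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): list what a ModSecurity
# whitelist file turns off, and where.

# Constructed sample in the style of the whitelist.conf entries above.
sample_whitelist() {
cat <<'EOF'
# constructed sample, not a real server config
<IfModule mod_security2.c>
SecRuleEngine Off
</IfModule>
SecRuleRemoveById 960010
<LocationMatch "/wp-admin/post.php">
  SecRuleRemoveById 300015 300016 300017
  SecRuleRemoveById phpids-17
</LocationMatch>
<LocationMatch "/wp-includes/">
  SecRuleRemoveById 960010 960012 950006
</LocationMatch>
EOF
}

# audit_whitelist  (config on stdin)
# Emits one line per finding:
#   ENGINE_OFF <scope>         engine disabled outright in that scope
#   GLOBAL (server-wide) <id>  rule removed for every URL
#   SCOPED <pattern> <id>      rule removed only under that LocationMatch
audit_whitelist() {
    awk '
        BEGIN { scope = "(server-wide)"; kind = "GLOBAL" }
        /^[ \t]*#/ { next }
        {
            line = $0
            sub(/^[ \t]+/, "", line)
            sub(/[ \t]+$/, "", line)
            low = tolower(line)     # Apache directive names ignore case
        }
        low ~ /^<locationmatch[ \t]/ {
            scope = line
            sub(/^<[^ \t]+[ \t]+"?/, "", scope)
            sub(/"?[ \t]*>$/, "", scope)
            kind = "SCOPED"
            next
        }
        low ~ /^<\/locationmatch>/ {
            scope = "(server-wide)"; kind = "GLOBAL"; next
        }
        low ~ /^sec(rule|filter)engine[ \t]+off$/ {
            print "ENGINE_OFF", scope; next
        }
        low ~ /^secruleremovebyid[ \t]/ {
            n = split(line, f, /[ \t]+/)
            for (k = 2; k <= n; k++) print kind, scope, f[k]
        }
    '
}

# Stand-alone run on the sample: sample_whitelist | audit_whitelist
```

ENGINE_OFF and GLOBAL lines are the ones to question first, since they remove protection for every request rather than for a single admin URL.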