Author Topic: Error 500  (Read 6013 times)

0 Members and 1 Guest are viewing this topic.

Offline
*
Error 500
« on: June 20, 2019, 03:17:52 PM »
Hello, today i installed cwp, i added webhost for my domain.
Everithing wont great.
I uploaded the archive from BoxBilling, I install this cms, i configured all, htaccess, permissions.
When i want to open my site appear 500 Internal Server Error.

I followed the guide from http://wiki.centos-webpanel.com/500-internal-server-error
but nothing.. I checked the error from /usr/local/apache/logs

I cant figure out what can be the problem..

This is mi error_log

Quote
[Thu Jun 20 10:31:07.261744 2019] [:notice] [pid 32643:tid 139917307660096] ModSecurity for Apache/2.9.1 (http://www.modsecurity.org/) configured.
[Thu Jun 20 10:31:07.261838 2019] [:notice] [pid 32643:tid 139917307660096] ModSecurity: APR compiled version="1.6.2"; loaded version="1.6.2"
[Thu Jun 20 10:31:07.261846 2019] [:notice] [pid 32643:tid 139917307660096] ModSecurity: PCRE compiled version="7.8 "; loaded version="7.8 2008-09-05"
[Thu Jun 20 10:31:07.261851 2019] [:notice] [pid 32643:tid 139917307660096] ModSecurity: LIBXML compiled version="2.7.6"
[Thu Jun 20 10:31:07.261855 2019] [:notice] [pid 32643:tid 139917307660096] ModSecurity: Status engine is currently disabled, enable it by set SecStatusEngine to On.
[Thu Jun 20 10:31:07.494916 2019] [ssl:warn] [pid 32644:tid 139917307660096] AH01873: Init: Session Cache is not configured [hint: SSLSessionCache]
[Thu Jun 20 10:31:07.509585 2019] [mpm_event:notice] [pid 32644:tid 139917307660096] AH00489: Apache/2.4.39 (Unix) OpenSSL/1.0.1e-fips configured -- resuming normal operations
[Thu Jun 20 10:31:07.509649 2019] [core:notice] [pid 32644:tid 139917307660096] AH00094: Command line: '/usr/local/apache/bin/httpd'
[Thu Jun 20 10:40:51.984917 2019] [:error] [pid 5822:tid 139917107640064] [client 109.103.196.163:58879] [client 109.103.196.163] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:\\\\b(?:(?:s(?:ys\\\\.(?:user_(?:(?:t(?:ab(?:_column|le)|rigger)|object|view)s|c(?:onstraints|atalog))|all_tables|tab)|elect\\\\b.{0,40}\\\\b(?:substring|users?|ascii))|m(?:sys(?:(?:queri|ac)e|relationship|column|object)s|ysql\\\\.(db|user))|c(?:onstraint ..." at ARGS_NAMES:SELECT * FROM mysql.users. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "116"] [id "950007"] [rev "2"] [msg "Blind SQL Injection Attack"] [data "Matched Data: SELECT * FROM mysql.users found within ARGS_NAMES:SELECT * FROM mysql.users: SELECT * FROM mysql.users"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "8"] [tag "OWASP_CRS/WEB_ATTACK/SQL_INJECTION"] [tag "WASCTC/WASC-19"] [tag "OWASP_TOP_10/A1"] [tag "OWASP_AppSensor/CIE1"] [tag "PCI/6.5.2"] [hostname "51.79.50.104"] [uri "/index.php"] [unique_id "XQua80LueJ25nU1yvd8xPwAAAMQ"]
[Thu Jun 20 10:40:52.230130 2019] [:error] [pid 5822:tid 139917097150208] [client 109.103.196.163:58879] [client 109.103.196.163] ModSecurity: Access denied with code 403 (phase 2). Pattern match "([\\\\~\\\\!\\\\@\\\\#\\\\$\\\\%\\\\^\\\\&\\\\*\\\\(\\\\)\\\\-\\\\+\\\\=\\\\{\\\\}\\\\[\\\\]\\\\|\\\\:\\\\;\\"\\\\'\\\\\\xc2\\xb4\\\\\\xe2\\x80\\x99\\\\\\xe2\\x80\\x98\\\\`\\\\<\\\\>].*?){8,}" at REQUEST_COOKIES:CWP-User. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "157"] [id "981172"] [rev "2"] [msg "Restricted SQL Character Anomaly Detection Alert - Total # of special characters exceeded"] [data "Matched Data: \\x22 found within REQUEST_COOKIES:CWP-User: {\\x22user\\x22:\\x222173chf1\\x22,\\x22date\\x22:\\x2219-06-20 14:18:45\\x22,\\x22token\\x22:\\x22691394336168e12e38c9394939d2f2334d43b875\\x22,\\x22tokenuser\\x22:\\x223998d44ec5872094c6d11dd89df0733b:wIQgU4S4OOs=\\x22,\\x22pwd\\x22:\\x22yJ1IPSD+o+M=\\x5cn\\x22}"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "8"] [tag "OWASP_CRS/WEB_ATTACK/SQL_INJECTION"] [hostname "51.79.50.104"] [uri "/favicon.ico"] [unique_id "XQua9ELueJ25nU1yvd8xQAAAAMU"]
[Thu Jun 20 10:54:22.321784 2019] [mpm_event:notice] [pid 32644:tid 139917307660096] AH00491: caught SIGTERM, shutting down
[Thu Jun 20 10:54:22.564816 2019] [:notice] [pid 11725:tid 139945327822656] ModSecurity for Apache/2.9.1 (http://www.modsecurity.org/) configured.
[Thu Jun 20 10:54:22.564891 2019] [:notice] [pid 11725:tid 139945327822656] ModSecurity: APR compiled version="1.6.2"; loaded version="1.6.2"
[Thu Jun 20 10:54:22.564898 2019] [:notice] [pid 11725:tid 139945327822656] ModSecurity: PCRE compiled version="7.8 "; loaded version="7.8 2008-09-05"
[Thu Jun 20 10:54:22.564903 2019] [:notice] [pid 11725:tid 139945327822656] ModSecurity: LIBXML compiled version="2.7.6"
[Thu Jun 20 10:54:22.564914 2019] [:notice] [pid 11725:tid 139945327822656] ModSecurity: Status engine is currently disabled, enable it by set SecStatusEngine to On.
[Thu Jun 20 10:54:22.722501 2019] [ssl:warn] [pid 11732:tid 139945327822656] AH01873: Init: Session Cache is not configured [hint: SSLSessionCache]
[Thu Jun 20 10:54:22.732108 2019] [mpm_event:notice] [pid 11732:tid 139945327822656] AH00489: Apache/2.4.39 (Unix) OpenSSL/1.0.1e-fips configured -- resuming normal operations
[Thu Jun 20 10:54:22.732241 2019] [core:notice] [pid 11732:tid 139945327822656] AH00094: Command line: '/usr/local/apache/bin/httpd'

Someone can help me?

Offline
**
Re: Error 500
« Reply #1 on: June 20, 2019, 09:48:37 PM »
Please check the domain logs from /usr/local/apache/domlogs

Offline
*
Re: Error 500
« Reply #2 on: June 20, 2019, 10:04:47 PM »
Please check the domain logs from /usr/local/apache/domlogs

Oh..it seems CWP has changed the symlink option for htaccess.
I solved the problem :)
Ty soo much for your help.
« Last Edit: June 20, 2019, 10:07:50 PM by TeoDoR »