For every site hosted I am getting this error Audit log: Failed to lock global mutex: Permission denied
Any help
What the version of mod_security you are running?
This is compatibility issue between Mod Ruid2 and Mod Security. Please see https://forums.cpanel.net/f5/mod-ruid2-mod-security-conflicts-cpanel-263601.html for details.
It fixed in last version of cPanel. It can be updated by running cPanel update script:
# /scripts/upcp --force
Or if you dont like to update cPanel this can be fixed by adding this lines into /usr/local/apache/conf/modsec2.user.conf
(Here is original instructions http://undefinederror.org/modsecurity-audit-log-failed-to-unlock-global-mutex-permission-denied/):
SecAuditLogDirMode 0777 SecAuditLogFileMode 0550 SecAuditLogStorageDir /usr/local/apache/logs/audit SecAuditLogType Concurrent
Latest version 2.8
I already have the latest version of cpanel.
I have done that, all wordpress sites are still giving error. hen logged into wordpress admin panel and trying to update sites its giving permission denied error. May i know what is the issue?
213030 rule id giving false positive error for all websites of wordpress till now
also ruleid 213100 is giving false positive error.
There were so many fale positive rules and have to completely remove comodo waf. Hope will use it in near future when its little bit stable
I am seeing this as well. Latest version of cPanel with PHP 5.4.30 and ruid2.
SecAuditLogDirMode 0777
SecAuditLogFileMode 0550
SecAuditLogStorageDir /usr/local/apache/logs/audit
SecAuditLogType Concurrent
has been appended to modsec2.conf and apache restarted yet still seeing a flood of these errors. I am aware of when cPanel indicated they corrected the issue yet I do not see that whatsoever even with a forced update. It still appears to be an issue of user account level access when attempting to write the logs which is incorrect.
There is a conflict between mod_ruid and mod_security. For example, [b]https://github.com/SpiderLabs/ModSecurity/issues/454[/b]
That is an old article that was supposedly corrected by the modsecurity group and updated by cPanel.
Yes, what is interesting to me is I am not seeing these errors on a standard cPanel server with the Atomic ruleset installed. Somewhere possibly a deviation in the audit/response modes or the ruleset themselves with the Comodo WAF may be occurring causing this to stick out like a sore thumb in the error logs.
Server version: Apache/2.2.27 (Unix)
Server built: Jul 17 2014 01:33:24
Cpanel::Easy::Apache v3.26.0 rev9999 +cloudlinux
Server’s Module Magic Number: 20051115:33
Server loaded: APR 1.5.0, APR-Util 1.5.3
Compiled using: APR 1.5.0, APR-Util 1.5.3
Architecture: 64-bit
Server MPM: Prefork
threaded: no
forked: yes (variable process count)
PHP 5.4.30 (cli) (built: Jul 17 2014 01:38:33)
Copyright (c) 1997-2014 The PHP Group
Zend Engine v2.4.0, Copyright (c) 1998-2014 Zend Technologies
with XCache v3.1.0, Copyright (c) 2005-2013, by mOo
with the ionCube PHP Loader v4.6.1, Copyright (c) 2002-2014, by ionCube Ltd., and
with Zend Guard Loader v3.3, Copyright (c) 1998-2013, by Zend Technologies
with XCache Cacher v3.1.0, Copyright (c) 2005-2013, by mOo
As ruid2 is growing quickly in popularity this really needs to be addressed by the WAF group if this is going to be a viable security option moving forward.
Hi!
i have same message but with Directadmin, How to fix it exactly?
Thanks!
I suppose the reason of this issue is a conflict between mod_ruid and mod_security.
For example, Audit log: Failed to lock global mutex: Permission denied · Issue #454 · SpiderLabs/ModSecurity · GitHub