Login error with Moodle.

Category: Moodle

teacherjim
Asked:
2013-05-03 2:16 pm EST

Hits: 1,055
When logging in to moodle2.lpvec.net I get:
An appropriate representation of the requested resource /login/index.php could not be found on this server.

Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.

The /login/index.php file is there with correct permissions.
We think it is a mod_security issue.

You must login before you can ask a follow up question.

You must login before you can submit an answer.

email the admin at jwalker@lpvec.org
teacherjim
5 Points
2013-05-03 02:23 pm EST
Login now working the following was the fix->

php_mailer.conf
/usr/local/apache/conf/modsec-imh/php_mailer.conf
b
I changed this
# Will block if the Host header is in all caps with a lower-case tld,
# if the request URI ends with ".php" (case insensitive), if the user agent
# matches the list of patterns, if the method is POST and if Referer is not set.
# See #3885 for details
SecRule REQUEST_HEADERS:Host "[0-9A-Z\.-]\.[a-z\.]+" "chain,log,deny,status:406, \
msg:'POST request appears to be to spam mailer',id:13421"
SecRule REQUEST_FILENAME "\.php$" "chain,t:lowercase"
SecRule REQUEST_HEADERS:User-Agent "Mozilla/5.0" "chain,t:removeWhitespace"
SecRule REQUEST_HEADERS_NAMES "!@contains Referer" "chain"
SecRule REQUEST_METHOD "POST"

to this to make it work:

# Will block if the Host header is in all caps with a lower-case tld,
# if the request URI ends with ".php" (case insensitive), if the user agent
# matches the list of patterns, if the method is POST and if Referer is not set.
# See #3885 for details
#SecRule REQUEST_HEADERS:Host "[0-9A-Z\.-]\.[a-z\.]+" "chain,log,deny,status:406, \
# msg:'POST request appears to be to spam mailer',id:13421"
#SecRule REQUEST_FILENAME "\.php$" "chain,t:lowercase"
#SecRule REQUEST_HEADERS:User-Agent "Mozilla/5.0" "chain,t:removeWhitespace"
#SecRule REQUEST_HEADERS_NAMES "!@contains Referer" "chain"
#SecRule REQUEST_METHOD "POST"
teacherjim
5 Points
2013-05-03 02:56 pm EST
Hey teacherjim,

Yeah sorry about that, it looked like our senior system administration team had rolled out some new ModSecurity rules to help protect against some new methods used by spammers to try to relay out spam via PHP scripts. It looked like they resulted in a false positive for your Moodle login attempts.

I've gone ahead and also made that file immutable for you by running:

chattr +i /usr/local/apache/conf/modsec-imh/php_mailer.conf


That way if they roll out another update it should still leave yours commented out and disabled. Please let us know if you continue to notice any further issues.

- Jacob
JacobIMH
9,962 Points
2013-05-03 03:13 pm EST

OTHER ANSWERS

0

JacobIMH
Staff
9,962 Points
2013-05-03 2:51 pm EST
Hello teacherjim, and thank you for your question, and sorry for the problems.

This did appear to be an issue with mod_security. I went ahead and corrected this particular problem for you.

If you continue to experience issues with ModSecurity, and since you already have root access to your server, I might recommend reading my article on how to find and disable specific ModSecurity rules to prevent them from causing you further problems.

Please let us know if you had any further questions at all.

- Jacob

You must login before you can post a comment about this answer.

Like this Question?

Related Articles

It looks like there are no related articles.
Would you like to ask a question about this page? If so, click the button below!
Ask a Question

Need more Help?

Search

Ask the Community!

Get help with your questions from our community of like-minded hosting users and InMotion Hosting Staff.

Current Customers

Chat: Click to Chat Now E-mail: support@InMotionHosting.com
Call: 888-321-HOST (4678) Ticket: Submit a Support Ticket

Not a Customer?

Get web hosting from a company that is here to help. Sign up today!