ModSecurity: collection_store: Failed to access DBM file /var/cpanel/secdatadir/ip: Permission denied

The error Failed to access DBM file /var/cpanel/secdatadir/ip: Permission denied can occur on systems where the process is owned by an account which does not have the proper permissions to modify a global file. For such cases the following may be used to resolve the issue.

/var/cpanel/secdatadir/ip for example is used for storing collections data but is often set for apache or root. You would have to find the modsecurity rule which uses the "initcol" function for "ip," and comment out the rule entirely so the collection is not made to begin with. This will obviously break any rules that need the collection data, but most webapp defence rules (aside from brute force) don't use collections much. If you are using the WHM vendor management for the automated rule updates, you would want to disable updates for the file that initiates the collections if you do this. Once the particular rules have been disabled restart Apache and the errors should then go away.

In the case you were using mod_ruid2 and have moved away from it, you should remove /var/cpanel/secdatadir/ip.dir and ip.pag in the same directory. Restart apache and it should be recreated with proper permissions. In some cases removing the IP based rules will still be necessary.



  • 145 Users Found This Useful

Was this answer helpful?

Related Articles

central_filter defer (-17): error in filter file: unknown filtering command r_subject: near line 22 of filter file

The error "central_filter defer (-17): error in filter file: unknown filtering command r_subject:...

Error: Multilib version problems found

Finished Dependency Resolution Error:  Multilib version problems found. This often means that...

connection failed for acme-v01-api-letsencrypt org: SSL connect attempt failed

 (Hypertext Transfer Protocol) “post” request to...

Recursive chmod / Permission Change Across Directories for a File Type

The following command may be very useful for changing the permissions of a file type such as .php...

CSF Error: *WARNING* Binary location for [HOST] [/usr/bin/host] in /etc/csf/csf-conf is either incorrect, is not installed or is not executable

During a CSF start or restart you may encounter this error. This is a result of /usr/bin/host...