ModSecurity: collection_store: Failed to access DBM file "/var/cpanel/secdatadir/ip": Permission denied

The error Failed to access DBM file /var/cpanel/secdatadir/ip: Permission denied can occur on systems where the process is owned by an account which does not have the proper permissions to modify a global file. For such cases the following may be used to resolve the issue.

/var/cpanel/secdatadir/ip for example is used for storing collections data but is often set for apache or root. You would have to find the modsecurity rule which uses the "initcol" function for "ip," and comment out the rule entirely so the collection is not made to begin with. This will obviously break any rules that need the collection data, but most webapp defence rules (aside from brute force) don't use collections much. If you are using the WHM vendor management for the automated rule updates, you would want to disable updates for the file that initiates the collections if you do this. Once the particular rules have been disabled restart Apache and the errors should then go away.

In the case you were using mod_ruid2 and have moved away from it, you should remove /var/cpanel/secdatadir/ip.dir and ip.pag in the same directory. Restart apache and it should be recreated with proper permissions. In some cases removing the IP based rules will still be necessary.




Share this page:


Was this article useful? Have any suggestions or improvements to the information?

Also Read

yum-utils not installed or found on Centos5 64-bit

When yum-utils is not installed or found on Centos5 64-bit the following commands may be used:...

Reset cPanel Max Defers for an Account

While viewing exim_mainlog and seeing the following: enforce_mail_permissions: Domain...

FSCK Options and Maintenance

Provided below are some useful commands pertaining to FSCK. Update commands to your environment /...

Failed to start tailwatchd. Unit tailwatchd.service entered failed state.

Failed to start tailwatchd. Unit tailwatchd.service entered failed state.  tailwatchd.service...

Disable cPanel Brute Force Command Line

To disable the cPanel brute force detection from the command line usee the following:...