Webhosting Blog

Modsecurity cron problem.

Sometimes you might start receiving the errors in mod security cron as follows:

connect(‘modsec:localhost’,’modsec’,…) failed: Access denied for user href=”mhtml:{CA6DED19-950C-4C5A-97F2-5C8634CBD55B}mid://00000086/!x-usc:mailto:’modsec’@’localhost'”>’modsec’@’localhost’
(using password: YES) at /etc/cron.hourly/modsecparse.pl line 19
Unable to connect to mysql database at /etc/cron.hourly/modsecparse.pl line 19.

The error occurs due to the password being mis configured in the file /etc/cron.hourly/modsecparse.pl .

You can use the following steps to sort the issue.

1) open the file /etc/cron.hourly/modsecparse.pl. You can find the following details in the file :

my $dbhost     = ‘localhost’;
my $dbuser     = ‘modsec’;
my $dbpassword = ‘somepassword’;      
my $dbname     = ‘modsec’;
my $tblname    = ‘modsec’;

check the password in the actual database for modsec.

server@root# mysql
mysql >\u mysql
mysql> select password from user where user=’modsec’;
mysql> select password(‘dbpassword’);

ERROR 2006 (HY000): MySQL server has gone away
No connection. Trying to reconnect…
Connection id:    4797
Current database: mysql

| password               |
| *8810994AD1910DDF9B31CB0DBF699C984CCFFEDC |
1 row in set (0.00 sec)

Replace the dbpassword with actual password from the file /etc/cron.hourly/modsecparse.pl .

mysql> UPDATE user SET Password=PASSWORD(‘somepassword’) WHERE User=’modsec’;

This will reset the password for the DB modsec to the original password  somepassword in the file /etc/cron.hourly/modsecparse.pl .

Once done you can just run the following command to ensure the DB is fixed !

server@root # perl -w /etc/cron.hourly/modsecparse.pl

If it runs without error the problem is sorted. :)




Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s