Rare backup restore error when connecting server

Rare backup restore error when connecting server

by David Delgado -
Number of replies: 3

When I try to restore a backup from my own Moodle server via drag and drop, everything goes ok and it works. When I upload a file to a course by drag and drop it also works fine.

The problem comes when I try to restore a backup from ANOTHER Moodle server with a lower Moodle version (which should be compatible). It says "error when connecting server". If I select the file with the file picker button, it hangs forerver.

I have been reading a lot about that kind of errors, which has happened many times ( https://www.google.es/search?q=moodle+backup+restore+error+when+connecting+server ), and normally is a problem with the web server configuration or simply a network problem. In my case, it works with backup files of my own server, which is very rare.

If I look at the Apache error log, i got this:

"[Mon Apr 27 08:48:00.390618 2020] [:error] [pid 11764:tid 140055345727232] [client 81.61.70.109:36526] [client 81.61.70.109] ModSecurity: Access denied with code 44 (phase 2). Match of "eq 0" against "MULTIPART_UNMATCHED_BOUNDARY" required. [file "/etc/httpd/conf.d/mod_security.conf"] [line "34"] [id "200003"] [msg "Multipart parser detected a possible unmatched boundary."] [hostname "cursos.webizando.es"] [uri "/repository/repository_ajax.php"] [unique_id "XqaOMOc7tU4cAuLbJWTDwQAAAIA"], referer: http://cursos.webizando.es/backup/restorefile.php?contextid=1

[Mon Apr 27 08:48:00.390664 2020] [http:error] [pid 11764:tid 140055345727232] [client 81.61.70.109:36526] AH01579: Invalid response status 44, referer: http://cursos.webizando.es/backup/restorefile.php?contextid=1

[Mon Apr 27 08:48:05.971121 2020] [proxy_fcgi:error] [pid 11764:tid 140055209285376] [client 114.119.161.68:36530] AH01071: Got error 'Primary script unknown\n'"

Any ideas on how to solve this? 🤔


Average of ratings: -
In reply to David Delgado

Re: Rare backup restore error when connecting server

by Ken Task -
Picture of Particularly helpful Moodlers

A mod_security rule was triggered ...

/etc/httpd/conf.d/mod_security.conf" line "34"

200003

You must add an exception for /repository/repository_ajax.php in mod_security rules to allow.

In conf file one could set mod_security to Detect only as below
    # Default recommended configuration
#    SecRuleEngine On
    SecRuleEngine DetectionOnly

Check the logs and when you see a rule that would have prevented add an exception to that rule for that url

https://www.modsecurity.org/CRS/Documentation/exceptions.html

'SoS', Ken

Average of ratings: Useful (2)
In reply to Ken Task

Re: Rare backup restore error when connecting server

by David Delgado -
Thank you, Ken. Setting set mod_security to Detect only worked for me. smile Anyway, what that does is diseabling the Wep Application Firewal, doesn't it? A bit scary, but I don't think I really need it running. Adding an exception is an option, but it seems a bit too complicated. I think I will keep it disabled. Do you agree?
Average of ratings: -
In reply to David Delgado

Re: Rare backup restore error when connecting server

by Ken Task -
Picture of Particularly helpful Moodlers

Not going to decide for you ... paranoia levels can't be debated ... mod_security is a good thing ... even if it rears it's ugly head from time to time ... but once you know where to look and how to make execeptions, your site is about as secure as it's gonna be ... https with valid certs .. up-to-date Moodle/other code ... + seLinux + mod_security - what more can one do?

Let's not forget (oooh me, paranoia level stresser coming ....) that web is just one attack vector on a typical Linux flavored server.   There is ssh and db server also ... if aware and one is hosted where one can control ... move default ssh port from standard port to higher and db server config'd for 'localhost' only ... no remote access.  Do you really need PHPMyAdmin?

'SoS', Ken



Average of ratings: -