Search code examples
shellfile-uploadcpanelmod-securityjail-shell

Can't upload file via php in Jailed Shell account

I have a problem loading a file via php when the cpanel user has shell access set to "Jailed Shell", the php call goes into error 400 without php errors, but with an apache error:

ModSecurity: Failed to open temporary file for reading: /var/imunify360/tmp_modsec/20240724-102950-ZqC7ful4atLhSh-vQAf-1AAAAAY-request_body-S2rU78.

Obviously when I set the shell access from "Jailed" to "Normal" the problem disappears and the file is loaded correctly, but I need the user to have the Jailed shell

My php code:

function uploadPdf($file)
{
    $upload_dir = $_SERVER['DOCUMENT_ROOT'] . '/public/uploads/';
    $file_path = $upload_dir . basename($file['name']);
    if (move_uploaded_file($file['tmp_name'], $file_path)) {

    } else {
        
    }
}

I have already tried to change the permissions on the /var/imunify360/tmp_modsec folder to 777 but the error remains.

Solution

  • I solved it with this procedure:

    1. Log into WHM as the ‘root’ user.
    2. Navigate to "Home / Server Configuration / Tweak Settings."
    3. Click on the "Security" tab.
    4. Scroll down to the "EXPERIMENTAL: Jail Apache Virtual Hosts using mod_ruid2 and cPanel® jailshell." option.
    5. Set the "EXPERIMENTAL: Jail Apache Virtual Hosts using mod_ruid2 and cPanel® jailshell." option to "Off."
    6. Scroll to the bottom of the page.
    7. Click the "Save" button.

    From the cPanel support site