SecurityException in Application.cpp:188: Do not have root privileges. Executable not set-uid root

Sometimes, you may encounter with a website showing 500 internal server error and in apache error logs, it shows the following error message.

SecurityException in Application.cpp:188: Do not have root privileges. Executable not set-uid root?

Premature end of script headers: index.php

This error is because of the suphp binary which is missing its sticky/suid permissions. It can be fixed by executing the following command.

# chmod +s /opt/suphp/sbin/suphp

Once permissions are corrected, check the website, it should be working fine now.

ModSecurity: Request body (Content-Length) is larger than the configured limit

ModSecurity: Request body (Content-Length) is larger than the configured limit

While uploading large files, you may get the following error due to mod_security.

ModSecurity: Request body (Content-Length) is larger than the configured limit (134217728). Deny with status (413) [hostname “domain.com”] [uri “/folder/folder2/file.php”] [unique_id “T-VoPZ7-KsUAABnOIf8AAAAC”]

To resolve the issue,

Modify your modsec2.conf and change the limit set for SecRequestBodyInMemoryLimit

# vi /etc/httpd/conf/modsec2.conf

search for SecRequestBodyInMemoryLimit

SecRequestBodyInMemoryLimit 531072

increase the value, save the file and restart the apache service.

Mod_rewrite Checking

Mod_rewrite is an Apache module installed on Linux servers by default, it does not have to be installed or enabled.

Mod_rewrite manipulates browser submitted URLs and translates them to deliver content to the browser. This process takes places entirely server-side and without the browser’s knowledge. The resulting content appears to have originated from the submitted URL, much like masking. With it you can nearly do all types of URL manipulations you ever dreamed about.

Rewritten URLs (sometimes known as short, fancy URLs, or search engine friendly – SEF) are used to provide shorter and more relevant-looking links to web pages.

If you want to check Mod_rewrite is enabled or not on your server then follow these steps,

1. In the public_html folder of your site make the test folder and in that test folder create the .htaccess file and the following code in the .htaccess file.

Code:

Options +FollowSymlinks
RewriteEngine on

And then access test folder in the browser (http://yourdomain.com/test/) If you did not get any error then Mod_rewrite is enabled on the server and If you get 500 Internal Server Error then Mod_rewrite is not enabled on the server.

2. You can check the phpinfo also.

Create a file called phpinfo.php in your public_html folder and add following code there, change the ownership and access it as http://yourdomain.com/phpinfo.php and check Loaded Modules, you will found it there.

Phpinfo code;

<?php
phpinfo()
?>