We are getting 500 Internal Server Error on the site.
All the file permissions and ownerships are correct.
-----------------
Internal Server Error
The server encountered an internal error or misconfiguration and was unable to complete your request.
Please contact the server administrator, webmaster@the-landscape-design-site.com and inform them of the time the error occurred, and anything you might have done that may have caused the error.
More information about this error may be available in the server error log.
Additionally, a 500 Internal Server Error error was encountered while trying to use an ErrorDocument to handle the request.
----------------------------------------------------
As I checked the apache error logs, it is showing-
----------------------------------------------------------------------------------------------
[Wed Mar 17 02:25:40 2010] [alert] [client xx.xx.x.xxx] /home/USER/public_html/.htaccess: Invalid command 'SecFilterEngine', perhaps mis-spelled or defined by a module not included in the server configuration, referer: http://www.websitename.com/
---------------------------------------------------------------------------------------------
Fix:
vi /home/USER/public_html/.htaccess
and search for the line containing words "SecFilterEngine" and "SecFilterScanPOST" and make comment for these lines and you can add following 4 lines(without number) proper code to disable mod security for this particular site.
--------------------------------
| |
|
|
|
|
|
|
--------------------------------
save your .htaccess and restart apache on server. Your site should work now.
**********************************************
You can also disable mod security for a domain through virtual entry in httpd.conf.
First you should login to your server via SSH as the ‘root’ user.
You should then use nano or your favorite text editor (ie. pico, vi etc…)
to open the /etc/httpd/conf/httpd.conf (sometimes /usr/local/apache/conf/httpd.conf or /etc/apache2/httpd.conf) file.
Notice: You may have to edit a different file such as
/etc/httpd.conf/conf.d/vhosts.conf if your server is setup to use a separate vhost configuration file.
You should then locate the vhost for the domain in question and paste the following code into the vhost:
--------------------------
|
|
-------------------------
Now you just have to save, exit and restart apache. Run service httpd restart or /etc/init.d/httpd restart or whatever script you have to restart Apache.
You can manage most of the main mod_security settings from a .htaccess file, so you can control it down to a per-domain, per-directory and/or per-file basis, switching off individuals rules, added new ones and just turning it off.
*********************
