hi everyone

after i move to the new host and there are stange error:

+ All the image in forum can not display
+ The music can not play
+ When i go to some pages ,and appear

500 internal server error
Internal Server Error
The server encountered an internal error or misconfiguration and was unable to complete your request.
Please contact the server administrator, webmaster@yourdomain.com and inform them of the time the error occurred, and anything you might have done that may have caused the error.

More information about this error may be available in the server error log.


Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.


MY server worked fine before move to the new dedicate server. LInux + Cpanel. I installed BFD....some basic stuffs. And Disable system, exec,shell-exe in php.ini, chmod 711 /home. I think my server misconfiguration. Anyone have any idea why it happens ?thank alot guys.

did you install phpsuexec?

hi linux

i did not

do i need to install phpsuexec ? here is the proplem http://dominh.com . when u click the image folder it will appear the error.

more example:

when i go to my client pages www.sitename.com , it's let me in, only the images cann't display.
Next ,if i go to the forums : www.sitename.com/forums, then it says

500 internal server error
Internal Server Error
The server encountered an internal error or misconfiguration and was unable to complete your request.
Please contact the server administrator, webmaster@yourdomain.com and inform them of the time the error occurred, and anything you might have done that may have caused the error.

More information about this error may be available in the server error log.


Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.


it happens to all the clients, when go to the folder EX: www.sitename/something/ ...

So my Questions: why cann't the image display ? And why does the error "500 internal server error" happen everytime when i go to www.sitename.com/something/ ...?

thanks for looking guys

Hi Tin,

Check your apache error logs ' /usr/local/apache/logs/error_logs ' for errors..while accessing the problem URL....

did you install mod_security?

Originally posted by eth00
did you install mod_security?

yes, i did

May be you wrong configure mod_security... check audit_log.

Originally posted by andreyka
May be you wrong configure mod_security... check audit_log.
yep. i think so

i went back and take off what i changed in httpd.conf for mod_security and finally it works now


# Turn the filtering engine On or Off
SecFilterEngine On

# Change Server: string
SecServerSignature " "

# Make sure that URL encoding is valid
SecFilterCheckURLEncoding On

# This setting should be set to On only if the Web site is
# using the Unicode encoding. Otherwise it may interfere with
# the normal Web site operation.
SecFilterCheckUnicodeEncoding Off

# Only allow bytes from this range
SecFilterForceByteRange 1 255

# The audit engine works independently and
# can be turned On of Off on the per-server or
# on the per-directory basis. "On" will log everything,
# "DynamicOrRelevant" will log dynamic requests or violations,
# and "RelevantOnly" will only log policy violations
SecAuditEngine RelevantOnly

# The name of the audit log file
SecAuditLog /var/log/httpd/audit_log

# Should mod_security inspect POST payloads
SecFilterScanPOST On

# Action to take by default
SecFilterDefaultAction "deny,log,status:500"

# Require HTTP_USER_AGENT and HTTP_HOST in all requests
SecFilterSelective "HTTP_USER_AGENT|HTTP_HOST" "^$"

# Prevent path traversal (..) attacks
SecFilter "../"

# Weaker XSS protection but allows common HTML tags
SecFilter "<[[:space:]]*script"

# Prevent XSS atacks (HTML/Javascript injection)
SecFilter "<(.|n)+>"

# Very crude filters to prevent SQL injection attacks
SecFilter "delete[[:space:]]+from"
SecFilter "insert[[:space:]]+into"
SecFilter "select.+from"

# Protecting from XSS attacks through the PHP session cookie
SecFilterSelective ARG_PHPSESSID "!^[0-9a-z]*$"
SecFilterSelective COOKIE_PHPSESSID "!^[0-9a-z]*$"


just wonder are there something wrong when i configed mod_security ?

i followed the link from http://www.webhostgear.com/62.html, thanks guys for looking

# Make sure that URL encoding is valid
SecFilterCheckURLEncoding On


That rule is probably causing the problems. Check the audit_log to be sure.

what is purpose of checking audit_log ? what is command for audit_log ? do i need to change anything ? ..etc , thanks guys

p/s: sorry newbie questions