Drupal 7, nginx with ModSecurity - How to resolve that 404 error page please?

Matej Zuzčák mzuzcak at secit.sk
Tue Nov 29 08:08:23 UTC 2016

Hello all,

I have installed Drupal 7 on latest version of Nginx web server which
was compiled with support of ModSecurity module. I have activated core
OWASP rule set. But when I active ModSecurity in my virtual host config
file for my Drupal 7 web I do not login, register or reset password with
this error in log:

[error] 11158#0: *1 open() "/var/www/MY_WEBSITE/node" failed (2: No such
file or directory), client: IP, server: MY_SERVER, request: "POST
/node?destination=node HTTP/1.1", host: "MY_WEBSITE", referrer:

And client gets 404 error page.

I applied these practices
https://geekflare.com/modsecurity-owasp-core-rule-set-nginx/ and

When I change SecRuleEngine from "On" to "DetectionOnly" result is the
same, For correct operation I have to "switch off" ModSecurity in
virtual host config for domain.

So please have you any advices for solving this problem?

Help me please.
Many thanks!

Best Regards
Matej Zuzcak

More information about the nginx mailing list