HTML Logo by World Wide Web Consortium (www.w3.org). Click to learn more about our commitment to accessibility and standards.
Proud to be a PHP Open Source CMS
Learn more

> Home » Forum home » Deploying » View topic

Error when editing

Login / Search

 [ Join | More ]
 [More]
 Add topic 
Posted
Rating:
#82283 (In Topic #17150)
bigguy
Avatar

Fan in action

shuts the site down

Any time I go to edit a blog or a news article and then press save I get this message on a white screen and then I am locked out of everything. I can't get to my sites, cpanel or WHM unless I use a proxy. FTP does not even work. Can I get some help with this please. AS it stands now I have to phone my host and ask them to fix it cause I can't access anything.

Precondition Failed

The precondition on the request for the URL /cms/index.php evaluated to false.

Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.
Back to the top
 
Posted
Rating:
#82284
bigguy
Avatar

Fan in action
I guess it's my server firewall that is blocking me or something. My host says the csf firewall is doing that. Any reason why it would be. ???
Back to the top
 
Posted
Rating:
#82289
Chris Graham
Avatar

ocStaff (admin)
You'll need to ask the host to go through their logs. They've set up some overly-restrictive rules so the onus is on them to track it down and make the rules less arbitrary.


Become a fan of ocPortal on Facebook or add me as a friend.

Expand: Was I helpful? Was I helpful?

Expand: Follow me on Twitter Follow me on Twitter







If I answered something that you think should be in the documentation, please take the initiative and add it to the community documentation. We really need people to help out here and build a well-organised large support resource.
Back to the top
 
Posted
Rating:
#82292
bigguy
Avatar

Fan in action
Is this an error from Ocportal or from my server:

Precondition Failed

The precondition on the request for the URL /cms/index.php evaluated to false.
Back to the top
 
Posted
Rating:
#82295
Chris Graham
Avatar

ocStaff (admin)
The server.

I just re-read your topic title. Incompetent web hosts often trigger this by sensing any posted HTML as a hack attack. Which just happens to block all WYSIWYG editors.


Become a fan of ocPortal on Facebook or add me as a friend.

Expand: Was I helpful? Was I helpful?

Expand: Follow me on Twitter Follow me on Twitter







If I answered something that you think should be in the documentation, please take the initiative and add it to the community documentation. We really need people to help out here and build a well-organised large support resource.
Back to the top
 
Posted
Rating:
#82297
bigguy
Avatar

Fan in action
Ok I will check this out with my server admin. I can use the wysiwyg editor in SMF and it is not blocked though. Btw, this just started to happen after I upgraded ocportal if that means anything, not sure if it does or not. Just a FYI I guess.  :)
Back to the top
 
Posted
Rating:
#82299
Chris Graham
Avatar

ocStaff (admin)
I'd be interested in what they say is the cause then. If there is something in our code that looks 'suspicious' I'd consider tuning it (as we've done a few times before actually).

It's just this kind of thing annoys me :lol:.


Become a fan of ocPortal on Facebook or add me as a friend.

Expand: Was I helpful? Was I helpful?

Expand: Follow me on Twitter Follow me on Twitter







If I answered something that you think should be in the documentation, please take the initiative and add it to the community documentation. We really need people to help out here and build a well-organised large support resource.
Back to the top
 
Posted
Rating:
#82300
bigguy
Avatar

Fan in action
I just got a email back from the web host and this is what they say:

The issue is not with the firewall in the server. The editor you are using in the portal is trying to inject code, as detected by the Modsecurity module in the webserver. Thus, server is denying the request. Please see the errors from the logs given below.

They gave me the logs and we do have mod_security enbled on the server. All I was doing was trying to edit a blog, then I tried to edit the news and the same thing happened.
Back to the top
 
Posted
Rating:
#82307
Chris Graham
Avatar

ocStaff (admin)
The issue is not with the firewall in the server. The editor you are using in the portal is trying to inject code, as detected by the Modsecurity module in the webserver. Thus, server is denying the request.

That is pure incompetency. Of course the editor is injecting code, it is an HTML editor…


Become a fan of ocPortal on Facebook or add me as a friend.

Expand: Was I helpful? Was I helpful?

Expand: Follow me on Twitter Follow me on Twitter







If I answered something that you think should be in the documentation, please take the initiative and add it to the community documentation. We really need people to help out here and build a well-organised large support resource.
Back to the top
 
Posted
Rating:
#82321
bigguy
Avatar

Fan in action
Would this not have more to do with mod_security.
Back to the top
 
Posted
Rating:
#82326
Chris Graham
Avatar

ocStaff (admin)
Yes and no - mod_security is configured by the web host, and it is the configuration causing the problem.

To be honest, I don't know what the default configuration(s), but even if the default configuration is mad, the host has no excuse.

I do know though that lots (possibly even most) hosts now have mod_security, and no problems.


Become a fan of ocPortal on Facebook or add me as a friend.

Expand: Was I helpful? Was I helpful?

Expand: Follow me on Twitter Follow me on Twitter







If I answered something that you think should be in the documentation, please take the initiative and add it to the community documentation. We really need people to help out here and build a well-organised large support resource.
Back to the top
 
Posted
Rating:
#82334
Jean
Avatar

Community saint
Hey bigguy,

I don't know if my case can help you sort this out, but I had a similar situation a few months ago when routine edits on my sites caused the exact same reactions from my host, shutting down my sites until a request was made to reset the server's permission. This went on for a few days and must have stretched the goodwill of my Host eLief, but they immediately enabled my connections upon notification each time without complaints. I was mortified at triggering this upon every visit as an admin. No other user was causing this.

I was told that the following situation was going on while I attempted to edit anything:
*Port Scan* detected from IP. (11 hits in the last 256 seconds)

I could not find anything wrong on my computer: no viruses, malwares or any backdoor illicit UDP  activities, but reaching my sites from a different computer did not cause any troubles. Uninstalling my browsers for fresh ones did nothing to fix this. I ended up switching to an emergency partition on my computer with a fresh OS and browsers and the nightmare went away.

I hope your situation is different and that you will not have to go to that extreme.
I can understand your pain just now:(,
Jean
 
Back to the top
 
Posted
Rating:
#82335
bigguy
Avatar

Fan in action
Thanks all. I will check my server configuration and see what I can do there and check the computer as well. Thanks for the help. :)
Back to the top
 
Posted
Rating:
#82354
bigguy
Avatar

Fan in action
This is related to mod_security. We turned it off and things are acting normal now. Thanks all.
Back to the top
 
Posted
Rating:
#82411
Jean
Avatar

Community saint
Glad it was resolved quickly and painlessly!:thumbs:
Back to the top
 
Posted
Rating:
#82763
Bao
Avatar

Fan in training

bigguy said

This is related to mod_security. We turned it off and things are acting normal now. Thanks all.
Hi! I have the same problem just can not save any configuration changes! So, how to shut down the mod-security? Thanks!
Back to the top
 
Posted
Rating:
#82773
Fletch
Avatar

Community saint

Bao said

… So, how to shut down the mod-security? Thanks!
If you are on shared hosting - you can't!

Talk to your web hosts, explain the problem, and ask them to adjust the settings so that they are not so restrictive to your script. ocPortal has a 'strong' security modal, and often 'mod_security' on the server is badly set up and is conflicting somewhere.

 :thumbs:
Take my advice. I'm not using it!

View my working ocPortal site (version 9.x.x) at Anglo-Indian Portal
Back to the top
 
Posted
Rating:
#82789
Bao
Avatar

Fan in training

Fletch said

Bao said

… So, how to shut down the mod-security? Thanks!
If you are on shared hosting - you can't!

Talk to your web hosts, explain the problem, and ask them to adjust the settings so that they are not so restrictive to your script. ocPortal has a 'strong' security modal, and often 'mod_security' on the server is badly set up and is conflicting somewhere.

 :thumbs:


Thank you very much for your quick reply! I will ask my web host to fix it!
Back to the top
 
Posted
Rating:
#82792
Fletch
Avatar

Community saint
A good host ought to listen to your request, but there is no guarantee that they will.

If you are still having problems, renew this topic and hopefully you will get a more detailed and succinct explanation from the staff that you can use to 'discuss' the matter further with your hosts.

Good luck.
Take my advice. I'm not using it!

View my working ocPortal site (version 9.x.x) at Anglo-Indian Portal
Back to the top
 
1 guests and 0 members have just viewed this: None
Control functions:
 Add topic 
> Forum home » Deploying

Quick reply   Contract

Your name:
Your message:
( First post )