HTML Logo by World Wide Web Consortium (www.w3.org). Click to learn more about our commitment to accessibility and standards.

Moving forward with Composr

ocPortal has been relaunched as Composr CMS, which is now in beta. ocPortal 9 will be superseded by Composr 10.

Head over to compo.sr for our new site, and to our migration roadmap. Existing ocPortal member accounts have been mirrored.


Error when editing

Login / Search

 [ Join | More ]
 Add topic 
Posted
Rating:
#82283 (In Topic #17150)
Avatar

Fan in action

shuts the site down

Any time I go to edit a blog or a news article and then press save I get this message on a white screen and then I am locked out of everything. I can't get to my sites, cpanel or WHM unless I use a proxy. FTP does not even work. Can I get some help with this please. AS it stands now I have to phone my host and ask them to fix it cause I can't access anything.

Precondition Failed

The precondition on the request for the URL /cms/index.php evaluated to false.

Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.
Back to the top
 
Posted
Rating:
#82284
Avatar

Fan in action

I guess it's my server firewall that is blocking me or something. My host says the csf firewall is doing that. Any reason why it would be. ???
Back to the top
 
Posted
Rating:
#82289
Avatar

You'll need to ask the host to go through their logs. They've set up some overly-restrictive rules so the onus is on them to track it down and make the rules less arbitrary.


Become a fan of ocPortal on Facebook or add me as a friend. Add me on on Twitter.
Was I helpful?
  • If not, please let us know how we can do better (please try and propose any bigger ideas in such a way that they are fundable and scalable).
  • If so, please let others know about ocPortal whenever you see the opportunity.
  • If my reply is too Vulcan or expressed too much in business-strategy terms, and not particularly personal, I apologise. As a company & project maintainer, time is very limited to me, so usually when I write a reply I try and make it generic advice to all readers. I'm also naturally a joined-up thinker, so I always express my thoughts in combined business and technical terms. I recognise not everyone likes that, don't let my Vulcan-thinking stop you enjoying ocPortal on fun personal projects.
  • If my response can inspire a community tutorial, that's a great way of giving back to the project as a user.
Back to the top
 
Posted
Rating:
#82292
Avatar

Fan in action

Is this an error from Ocportal or from my server:

Precondition Failed

The precondition on the request for the URL /cms/index.php evaluated to false.
Back to the top
 
Posted
Rating:
#82295
Avatar

The server.

I just re-read your topic title. Incompetent web hosts often trigger this by sensing any posted HTML as a hack attack. Which just happens to block all WYSIWYG editors.


Become a fan of ocPortal on Facebook or add me as a friend. Add me on on Twitter.
Was I helpful?
  • If not, please let us know how we can do better (please try and propose any bigger ideas in such a way that they are fundable and scalable).
  • If so, please let others know about ocPortal whenever you see the opportunity.
  • If my reply is too Vulcan or expressed too much in business-strategy terms, and not particularly personal, I apologise. As a company & project maintainer, time is very limited to me, so usually when I write a reply I try and make it generic advice to all readers. I'm also naturally a joined-up thinker, so I always express my thoughts in combined business and technical terms. I recognise not everyone likes that, don't let my Vulcan-thinking stop you enjoying ocPortal on fun personal projects.
  • If my response can inspire a community tutorial, that's a great way of giving back to the project as a user.
Back to the top
 
Posted
Rating:
#82297
Avatar

Fan in action

Ok I will check this out with my server admin. I can use the wysiwyg editor in SMF and it is not blocked though. Btw, this just started to happen after I upgraded ocportal if that means anything, not sure if it does or not. Just a FYI I guess.  :)
Back to the top
 
Posted
Rating:
#82299
Avatar

I'd be interested in what they say is the cause then. If there is something in our code that looks 'suspicious' I'd consider tuning it (as we've done a few times before actually).

It's just this kind of thing annoys me :lol:.


Become a fan of ocPortal on Facebook or add me as a friend. Add me on on Twitter.
Was I helpful?
  • If not, please let us know how we can do better (please try and propose any bigger ideas in such a way that they are fundable and scalable).
  • If so, please let others know about ocPortal whenever you see the opportunity.
  • If my reply is too Vulcan or expressed too much in business-strategy terms, and not particularly personal, I apologise. As a company & project maintainer, time is very limited to me, so usually when I write a reply I try and make it generic advice to all readers. I'm also naturally a joined-up thinker, so I always express my thoughts in combined business and technical terms. I recognise not everyone likes that, don't let my Vulcan-thinking stop you enjoying ocPortal on fun personal projects.
  • If my response can inspire a community tutorial, that's a great way of giving back to the project as a user.
Back to the top
 
Posted
Rating:
#82300
Avatar

Fan in action

I just got a email back from the web host and this is what they say:

The issue is not with the firewall in the server. The editor you are using in the portal is trying to inject code, as detected by the Modsecurity module in the webserver. Thus, server is denying the request. Please see the errors from the logs given below.

They gave me the logs and we do have mod_security enbled on the server. All I was doing was trying to edit a blog, then I tried to edit the news and the same thing happened.
Back to the top
 
Posted
Rating:
#82307
Avatar

The issue is not with the firewall in the server. The editor you are using in the portal is trying to inject code, as detected by the Modsecurity module in the webserver. Thus, server is denying the request.

That is pure incompetency. Of course the editor is injecting code, it is an HTML editor…


Become a fan of ocPortal on Facebook or add me as a friend. Add me on on Twitter.
Was I helpful?
  • If not, please let us know how we can do better (please try and propose any bigger ideas in such a way that they are fundable and scalable).
  • If so, please let others know about ocPortal whenever you see the opportunity.
  • If my reply is too Vulcan or expressed too much in business-strategy terms, and not particularly personal, I apologise. As a company & project maintainer, time is very limited to me, so usually when I write a reply I try and make it generic advice to all readers. I'm also naturally a joined-up thinker, so I always express my thoughts in combined business and technical terms. I recognise not everyone likes that, don't let my Vulcan-thinking stop you enjoying ocPortal on fun personal projects.
  • If my response can inspire a community tutorial, that's a great way of giving back to the project as a user.
Back to the top
 
Posted
Rating:
#82321
Avatar

Fan in action

Would this not have more to do with mod_security.
Back to the top
 
Posted
Rating:
#82326
Avatar

Yes and no - mod_security is configured by the web host, and it is the configuration causing the problem.

To be honest, I don't know what the default configuration(s), but even if the default configuration is mad, the host has no excuse.

I do know though that lots (possibly even most) hosts now have mod_security, and no problems.


Become a fan of ocPortal on Facebook or add me as a friend. Add me on on Twitter.
Was I helpful?
  • If not, please let us know how we can do better (please try and propose any bigger ideas in such a way that they are fundable and scalable).
  • If so, please let others know about ocPortal whenever you see the opportunity.
  • If my reply is too Vulcan or expressed too much in business-strategy terms, and not particularly personal, I apologise. As a company & project maintainer, time is very limited to me, so usually when I write a reply I try and make it generic advice to all readers. I'm also naturally a joined-up thinker, so I always express my thoughts in combined business and technical terms. I recognise not everyone likes that, don't let my Vulcan-thinking stop you enjoying ocPortal on fun personal projects.
  • If my response can inspire a community tutorial, that's a great way of giving back to the project as a user.
Back to the top
 
Posted
Rating:
#82334
Avatar

Community saint

Hey bigguy,

I don't know if my case can help you sort this out, but I had a similar situation a few months ago when routine edits on my sites caused the exact same reactions from my host, shutting down my sites until a request was made to reset the server's permission. This went on for a few days and must have stretched the goodwill of my Host eLief, but they immediately enabled my connections upon notification each time without complaints. I was mortified at triggering this upon every visit as an admin. No other user was causing this.

I was told that the following situation was going on while I attempted to edit anything:
*Port Scan* detected from IP. (11 hits in the last 256 seconds)

I could not find anything wrong on my computer: no viruses, malwares or any backdoor illicit UDP  activities, but reaching my sites from a different computer did not cause any troubles. Uninstalling my browsers for fresh ones did nothing to fix this. I ended up switching to an emergency partition on my computer with a fresh OS and browsers and the nightmare went away.

I hope your situation is different and that you will not have to go to that extreme.
I can understand your pain just now:(,
Jean
Back to the top
 
Posted
Rating:
#82335
Avatar

Fan in action

Thanks all. I will check my server configuration and see what I can do there and check the computer as well. Thanks for the help. :)
Back to the top
 
Posted
Rating:
#82354
Avatar

Fan in action

This is related to mod_security. We turned it off and things are acting normal now. Thanks all.
Back to the top
 
Posted
Rating:
#82411
Avatar

Community saint

Glad it was resolved quickly and painlessly!:thumbs:
Back to the top
 
Posted
Rating:
#82763
Bao
Avatar

Fan in training

bigguy said

This is related to mod_security. We turned it off and things are acting normal now. Thanks all.
Hi! I have the same problem just can not save any configuration changes! So, how to shut down the mod-security? Thanks!
Back to the top
 
Posted
Rating:
#82773
Avatar

Community saint

Bao said

… So, how to shut down the mod-security? Thanks!
If you are on shared hosting - you can't!

Talk to your web hosts, explain the problem, and ask them to adjust the settings so that they are not so restrictive to your script. ocPortal has a 'strong' security modal, and often 'mod_security' on the server is badly set up and is conflicting somewhere.

 :thumbs:

Take my advice. I'm not using it!

View my working ocPortal site (version 9.x.x) at Anglo-Indian Portal
Back to the top
 
Posted
Item has a rating of 5 (Liked by Guest)  
Rating:
#82789
Bao
Avatar

Fan in training

Fletch said

Bao said

… So, how to shut down the mod-security? Thanks!
If you are on shared hosting - you can't!

Talk to your web hosts, explain the problem, and ask them to adjust the settings so that they are not so restrictive to your script. ocPortal has a 'strong' security modal, and often 'mod_security' on the server is badly set up and is conflicting somewhere.

 :thumbs:


Thank you very much for your quick reply! I will ask my web host to fix it!
Back to the top
 
Posted
Rating:
#82792
Avatar

Community saint

A good host ought to listen to your request, but there is no guarantee that they will.

If you are still having problems, renew this topic and hopefully you will get a more detailed and succinct explanation from the staff that you can use to 'discuss' the matter further with your hosts.

Good luck.

Take my advice. I'm not using it!

View my working ocPortal site (version 9.x.x) at Anglo-Indian Portal
Back to the top
 
Posted
Rating:
#110233

Non-joined user

You can just use the setup wizard instead.

So if "Setup>Configuration" does not work , 404 when trying to save changes then try to use the SetupWizard.
So you use "Setup>SetupWizard" and follow the 10steps and (might have to skip step 9 can cause 404 ) and on step 10
you can just save and the site config is done . 
Back to the top
 
There are too many online users to list.
Control functions:

Quick reply   Contract

Your name:
Your message: