HTML Logo by World Wide Web Consortium (www.w3.org). Click to learn more about our commitment to accessibility and standards.

Moving forward with Composr

ocPortal has been relaunched as Composr CMS, which is now in beta. ocPortal 9 will be superseded by Composr 10.

Head over to compo.sr for our new site, and to our migration roadmap. Existing ocPortal member accounts have been mirrored.


Site Configuration Bug?

Login / Search

 [ Join | More ]
 Add topic 
Posted
Rating:
#96782 (In Topic #19210)
Avatar

Community saint

Opening a site from closed state erros

I kep getting a you do not have permissions to access the adminzone when trying to save the setting for opening site.

I have changed settings elsewhere fine and I am logged in so I don't know what is going on?

I do not see a hotfix for this listed in Confirmed bugs list for 9.0.6
Back to the top
 
Posted
Rating:
#96784
Avatar

Community saint

This is the strangest thing. It seems as if only configuration changes under "Site Options" causes this. I can change a configuration setting under any other category "Features Options" "Points Options" etc but site options I keep getting no access error????
Back to the top
 
Posted
Rating:
#96785
Avatar

Do you have another site on the server that you have open at the same time? That's a common cause, unless you carefully configure it, they will share cookies and keep overwriting each other.


Become a fan of ocPortal on Facebook or add me as a friend. Add me on on Twitter.
Was I helpful?
  • If not, please let us know how we can do better (please try and propose any bigger ideas in such a way that they are fundable and scalable).
  • If so, please let others know about ocPortal whenever you see the opportunity.
  • If my reply is too Vulcan or expressed too much in business-strategy terms, and not particularly personal, I apologise. As a company & project maintainer, time is very limited to me, so usually when I write a reply I try and make it generic advice to all readers. I'm also naturally a joined-up thinker, so I always express my thoughts in combined business and technical terms. I recognise not everyone likes that, don't let my Vulcan-thinking stop you enjoying ocPortal on fun personal projects.
  • If my response can inspire a community tutorial, that's a great way of giving back to the project as a user.
Back to the top
 
Posted
Rating:
#96786
Avatar

Community saint

Well I did have but I closed and restarted browser and still no luck. I thought maybe dashlane was interfering but I exited that and still no luck. I can change nearly every option under all categories except site options
Back to the top
 
Posted
Rating:
#96787
Avatar

Community saint

I deleted cookies ran website cleanup tools I tried from 3 browsers FF Chrome and Opera all to no avail
Back to the top
 
Posted
Rating:
#96788
Avatar

Is it an ocPortal login screen, or some web server error screen? The latter could be suhosin or similar.


Become a fan of ocPortal on Facebook or add me as a friend. Add me on on Twitter.
Was I helpful?
  • If not, please let us know how we can do better (please try and propose any bigger ideas in such a way that they are fundable and scalable).
  • If so, please let others know about ocPortal whenever you see the opportunity.
  • If my reply is too Vulcan or expressed too much in business-strategy terms, and not particularly personal, I apologise. As a company & project maintainer, time is very limited to me, so usually when I write a reply I try and make it generic advice to all readers. I'm also naturally a joined-up thinker, so I always express my thoughts in combined business and technical terms. I recognise not everyone likes that, don't let my Vulcan-thinking stop you enjoying ocPortal on fun personal projects.
  • If my response can inspire a community tutorial, that's a great way of giving back to the project as a user.
Back to the top
 
Posted
Rating:
#96789
Avatar

Community saint

It appears to be a server screen. I have even tried on another computer now (my laptop) and still to no avail
Back to the top
 
Posted
Rating:
#96790
Avatar

This'll be modsecurity being a pain.

(I said suhosin – that was a mistake, I meant modsecurity)


Become a fan of ocPortal on Facebook or add me as a friend. Add me on on Twitter.
Was I helpful?
  • If not, please let us know how we can do better (please try and propose any bigger ideas in such a way that they are fundable and scalable).
  • If so, please let others know about ocPortal whenever you see the opportunity.
  • If my reply is too Vulcan or expressed too much in business-strategy terms, and not particularly personal, I apologise. As a company & project maintainer, time is very limited to me, so usually when I write a reply I try and make it generic advice to all readers. I'm also naturally a joined-up thinker, so I always express my thoughts in combined business and technical terms. I recognise not everyone likes that, don't let my Vulcan-thinking stop you enjoying ocPortal on fun personal projects.
  • If my response can inspire a community tutorial, that's a great way of giving back to the project as a user.
Back to the top
 
Posted
Rating:
#96792
Avatar

Community saint

Should I have them turn off modsecurity then? Or do you have another recomendation?
Back to the top
 
Posted
Rating:
#96793
Avatar

Community saint

I still have lots of configuration to do to this site but I wanted to open it temporarily to set up a honey pot and make sure there is no issues when i do. But not being able to set any site options is making things difficult lol
Back to the top
 
Posted
Rating:
#96794
Avatar

You could go down that route, or:
Configuring mod_security - ocPortal.com


Become a fan of ocPortal on Facebook or add me as a friend. Add me on on Twitter.
Was I helpful?
  • If not, please let us know how we can do better (please try and propose any bigger ideas in such a way that they are fundable and scalable).
  • If so, please let others know about ocPortal whenever you see the opportunity.
  • If my reply is too Vulcan or expressed too much in business-strategy terms, and not particularly personal, I apologise. As a company & project maintainer, time is very limited to me, so usually when I write a reply I try and make it generic advice to all readers. I'm also naturally a joined-up thinker, so I always express my thoughts in combined business and technical terms. I recognise not everyone likes that, don't let my Vulcan-thinking stop you enjoying ocPortal on fun personal projects.
  • If my response can inspire a community tutorial, that's a great way of giving back to the project as a user.
Back to the top
 
Posted
Rating:
#96795
Avatar

Community saint

ok thanks I will read over that and let you know the outcome!
Back to the top
 
Posted
Rating:
#96796
Avatar

Community saint

Well isn't this just wonderful reply to my support request from my hosting provider?

I would like to inform you that mod_security is already enabled on all of our servers and can not be modified due to the fact that you are on shared servers.

Please get back to us if you need any further assistance and let us know how else we can help.

Thank you and have a great day,
Back to the top
 
Posted
Rating:
#96797
Avatar

Yikes! I'd tell them that they are failing to provide the service they are selling if they impose arbitrary blocks that do not relate to actual security issues. I'd also advise them that they'd be named and shamed if they act unreasonable – I'd probably blog about them on your behalf.

Stupid modsecurity usage really is one of the most maddening things.


Become a fan of ocPortal on Facebook or add me as a friend. Add me on on Twitter.
Was I helpful?
  • If not, please let us know how we can do better (please try and propose any bigger ideas in such a way that they are fundable and scalable).
  • If so, please let others know about ocPortal whenever you see the opportunity.
  • If my reply is too Vulcan or expressed too much in business-strategy terms, and not particularly personal, I apologise. As a company & project maintainer, time is very limited to me, so usually when I write a reply I try and make it generic advice to all readers. I'm also naturally a joined-up thinker, so I always express my thoughts in combined business and technical terms. I recognise not everyone likes that, don't let my Vulcan-thinking stop you enjoying ocPortal on fun personal projects.
  • If my response can inspire a community tutorial, that's a great way of giving back to the project as a user.
Back to the top
 
Posted
Item has a rating of 5 (Liked by Chris Graham)  
Rating:
#96798
Avatar

Community saint

I gave them this response:

Well that is a very lousy example of customer support. If you don't know how to configure a application on the server why do you put it on there?

I am using one of the most secure CMS available and yet I can't run it and it is nothing to do with the CMS it has to do with server configuration. If you can't modify rules for my domain than can you at least disable modsecurity for my domain then. Either that or come up with a solution of how I am to access the area of my admin zone in which modsecurity is interfering?

Let me give you more information.

There is a site configuration section in my adminzone which allows me to open or close my site to the public among several other site related options. When I try to save my settings in this section I get a "you don't have access" server error yet ohter sections of this same admin zone area work perfectly fine. I am logged in I have cleared cookies caches etc so it is nothing except a server c0onfiguration issue for sure.

Here is a link on the ocPortals developers site which discusses modsecurity issues for which you can refer to. Configuring mod_security - ocPortal.com

This system has far better security than most any other CMS out there and you should be making every effort to make it work on your system since I had a very insecure version of "phpNuke" on their before and yet it worked fine. You want more users to use better applications on your servers than crappy insecure ones I would hope?

Please help me to resolve this issue I simply can't accept that nothing we can do response. We have been clients of yours for a few years now and we don't cause much problems and pay our bills on time so I do expect some effort here.

If you would like admin login details to see the problem first hand I would be happy to give them. Let me know what I can do to help but please help fix this for me.

Thanks
Back to the top
 
Posted
Rating:
#96799
Avatar

Community saint

Further note I did try adding the rules mentioned in the article to my htaccess but it didn't work
Back to the top
 
Posted
Item has a rating of 5 (Liked by sholzy)  
Rating:
#96800
Avatar

Community saint

Ok so after getting elevated to level 2 and a couple more back and forths for me to demonstrate the problem they changed 1 rule to modsecurity for me (sorry they didn't tell me what it was) and all is well now.
Back to the top
 
There are too many online users to list.
Control functions:

Quick reply   Contract

Your name:
Your message: