SMF Support > SMF 1.1.x Support

log in problem

(1/2) > >>

kefalosaddict:
hi, hope this is the right place to post this.Some of my members are receiving this message when they try to log in to the site ....

##################
The page you are trying to access is restricted due to a security rule.


If you believe the security rule is affecting the normal operation of your website,
you can disable it by adding the following lines to your .htaccess file:

<IfModule mod_security.c>
# Turn the filtering engine On or Off
SecFilterEngine Off
</IfModule>

######################

I am not technical minded and only run a forum for people who holiday in a certain place.  If  they get this message when they log in, then click on the "Back" button then click on "Home" on the forum page.they get in to the forum.
Is there some way that I can stop this happening or is it down to their computer settings ? I never get this on my home comp or laptop, but did get it when I was using a comp at an internet cafe on holiday,
Any helkp would be much appreciated, thank you..
Ann xx

MrPhil:
SMF does not need the Mod Security your host has installed. It causes problems for SMF operation and doesn't add any security for this application. Go ahead and edit your /.htaccess file to add the suggested code. Note that if you are running other applications on your site that might need Mod Security, and your SMF is in its own subdirectory (say, /forum), you could add these lines to /forum/.htaccess (create the file if it doesn't already exist) and they would apply only to SMF. This is an example of why it's good to put applications (like SMF) in their own subdirectory, rather than the site root.

Arantor:

--- Quote ---This is an example of why it's good to put applications (like SMF) in their own subdirectory, rather than the site root.
--- End quote ---

Unless the forum is the entire site in the first place in which case there's no need for such messing about.

MrPhil:

--- Quote from: Arantor on July 12, 2012, 10:31:21 AM ---Unless the forum is the entire site in the first place in which case there's no need for such messing about.

--- End quote ---

If you're absolutely, positively certain that there will never be anything else installed on the site, sure. If you might ever want to install a store or blog or gallery or other stuff, this (using a subdirectory for each major subsystem or application) future-proofs your site's architecture. You will not have to move your forum (invalidating all member bookmarks and search engine listings) when you want a landing page. You will not have to filter other applications through an SMF-specific .htaccess, etc., and then try to back out some of those URL changes. As long as SMF is the only application installed, you can do a URL rewrite in /.htaccess (replaced later by a landing page) to have visitors to your domain root leap directly to your forum.

kefalosaddict:
Thank you for the help and advice, unforunately, I do not do anything with any directories so wouldn't know where to start I think that it is best if I go to my server and ask them to take the security off.

Navigation

[0] Message Index

[#] Next page