News:

SMF 2.1.4 has been released! Take it for a spin! Read more.

Main Menu

Having problems with mod_security?

Started by [Unknown], April 26, 2005, 12:07:59 AM

Previous topic - Next topic

LostProphecy

something interesting that i've come across when trying to do this... i've never touched these files before cause i didn't even know what they were for, however when i went looking for them i found that i had two, one renamed that was last edited 12 june 2005 and a new one edited 17 june 2005...

i've never touched them however they have been changed

the 12 june one had this in it (the renamedone)


# -FrontPage-

IndexIgnore .htaccess */.??* *~ *# */HEADER* */README* */_vti*

<Limit GET POST>
order deny,allow
deny from all
allow from all
</Limit>
<Limit PUT DELETE>
order deny,allow
deny from all
</Limit>
AuthName www.lostprophecy.com
AuthUserFile /home/kodee1/public_html/_vti_pvt/service.pwd
AuthGroupFile /home/kodee1/public_html/_vti_pvt/service.grp


but the new one that replaced it has nothing in it...

i'm wondering if this might be causing the log in problems, or if infact having it blank might cause other problems
Angelus Ex Quo Nox

jennielinn

Well greyknight directed me to this fix and it worked like a charm ;D
I was getting the "not acceptable" error when I clicked "current theme settings" and "layout" in Forum
Setting. I did the htaccess fix and now no worries, you all are the greatest :)


Quoth

Excellent quick fix, my forums now run smoothly in both browsers as i seemed to get this more with IE than firefox. It also seems it's fixed some of the session errors i was having with logging off.

Thanks [Unknown]!

drdave

Ok maybe I missed it but once I create the .htaccess file where do I place it on my server?

Thanks
Dave

JayBachatero

In the forum's root folder along with Settings.php, index.php and so on.
Follow me on Twitter

"HELP!!! I've fallen and I can't get up"
This moment has been brought to you by LifeAlert

drdave


Tazpot

Fantastic that sorted all my troubles out.
I was getting a stupid 403 error when trying to install smfarcade and couldn't figure why, then i stumbled upon this nifty post

[unknown] you are a God!!   ;)
[nofollow]

RoarinRow

#27
I got this 'HTTP Error 403 - Forbidden error' today, which I haven't seen in a while.  The last time I saw it I was installing Arcade games.  It went away by itself.

I tried the fix on the first page, but I got this error from my FTP application:

350 File exists, ready for destination name
    RNTO .htaccess
550 Permission denied on server.  You are restricted to your account.
    DELE htaccess.txt

I guess there's one there, but I can't see it.  I use SmartFTP 1.5.

Before I got this error message I was just refreshing the page.  I couldn't see the avatars, just a blank box.  Then I went to the forum/index page, then it was ok. then I refreshed the page one more time, then I got this error.  Shocked me cause it was in red bold lettering.

Any ideas?  I will also report to my web host.

Thanks!

SMF 2.0
TP 1.0 RC1.1
Wordpress 3.1.3

redone

If I am reading you right and you cannot remove a file via ftp contact your host and you will be able to resolve it. Sometimes the way the server is set up there can be some instances when a file is created and you cannot remove it yourself. Send them the details of the file you cannot remove.


RoarinRow

Quote from: redone on May 17, 2006, 03:10:20 PM
If I am reading you right and you cannot remove a file via ftp contact your host and you will be able to resolve it. Sometimes the way the server is set up there can be some instances when a file is created and you cannot remove it yourself. Send them the details of the file you cannot remove.



Doing that now, thanks!

SMF 2.0
TP 1.0 RC1.1
Wordpress 3.1.3

BigMike

Thankyou again Unknown. Last night right at midnight, this problem started happening on our forum.

A couple of searches later and it was resolved ;)

This must have been the quickest issue I've ever fixed before lol

Cya
BigMike

Overseer

i had this appear today too after restarting my VPS

JayBachatero

Follow me on Twitter

"HELP!!! I've fallen and I can't get up"
This moment has been brought to you by LifeAlert

Jared867

Thank you Unknown. That worked like a charm!

G.I. Jimbo

I just installed the SMF forum software onto my account.  As soon as everything was done installing, I tried to go to the index.php page to set things up but got a blank page.  I asked for help with this in another thread but was told to come here.  I tried the whole htaccess thing and my problem was not fixed.  Any other ideas?  My host is hxxp:1500mb.com [nonactive] and my site is hxxp:galaxymod.1500mb.com/forum [nonactive]

silencer0

THX SO MUCH NOW IT WORKS MY PROBLEM IS "[solved]" lol HAHAHA THX SO MUCH :D :D :D

Jacen

Just a suggestion to the dev crew: Is it possible to get a little warning to appear to admins (only admins) if mod_security is installed?
"I've always found that sticking your fingers in your ears and humming loudly solves a whole slew of problems."

marcnyc

Quote from: [Unknown] on April 26, 2005, 12:07:59 AM
<IfModule mod_security.c>
# Turn off mod_security filtering.  SMF is a big boy, it doesn't need its hands held.
SecFilterEngine Off

# The below probably isn't needed, but better safe than sorry.
SecFilterScanPOST Off
</IfModule>


-[Unknown]

thanks Unkown, your workaround worked perfectly...
just a question: am I supposed to put this stuff in a .htaccess file within the SMF folder? or is it safe to put it in the main .htacess file of the whole website (in the root)? in other words, I put it in the root's .htaccess and it seems to ahve fixed the SMF problem (which is not in the root) but I was wondering if I am exposing myself to other risks having it in the root.

Thanks

青山 素子

It is possible you will expose yourself to some problems if you turn mod_security off sitewide, especially if you run other dynamic software (blog, poll, etc)
Motoko-chan
Director, Simple Machines

Note: Unless otherwise stated, my posts are not representative of any official position or opinion of Simple Machines.


Aquire


Advertisement: