Having problems with mod_security?

[TheLyricist]

Hey guys... I also have troubles with mod_security...
After the

The installer has detected the mod_security module is installed on your web server. Mod_security will block submitted forms even before SMF gets a say in anything. SMF has a built-in security scanner that will work more effectively than mod_security and that won't block submitted forms.

Click here to try installing anyway, but note that this is strongly discouraged.

message, i click here and it shows me a page with basic settings... When i click proceed, it just stays on that page... I can keep on clicking, and it will still stay on the same page...
Any help?

[LeberMac]

The .htaccess file worked for me. Awesome.

[greyknight17]

@TheLyricist: Did you try using the .htaccess file at all? That might help

[FaNtEcH]

Thanks. My host did that. Thanks again for the tweak!

[kaldingo]

make sure the owner of the files are the correct one, also ensure that the permissions are correct (should be 777 or 755 permissions on unix servers,  read+write on windows hosting)

permissions on what??

I am experiencing this issue.  the first htaccess edit did nothing.  the 2nd resulted in a 500 error.

[SMASH]

Hello,
Just wanted to say "Thanks" for this. I have my new forums and websites with Dreamhost and they have this mod_security running.

Just wanted everyone to know that when I put this in my root folder the forum would not show up, so I moved it to the folder that has my SMF in it and it works.

[Rafferty]

Putting the htaccess file in actually gave me the error 500,

[johny000]

hello guys  how are you all
I'm  Having problems  with  smf v1.1.4

i have two smf
the 1st smf v1.1.3
http://www.mywebsite.com/sahdona/forums/
the 2st smf v1.1.4
www.mywebsite.net/smf

with the 1.1.3 ever thing is working nice no error
& with 1.1.4 I'm  keep gating the Error 500 ever time I'm trying to backup my db or chicking my pm

can you guys look at it & tell me what  can i do & how can i fix this please


thank you

[r3skyline]

im having the same trouble as TheLyricist

[nizoo]

RESPECT! worked great thanks alot

[FragaCampos]

Thanks!
It solved the problem in my forum's login
"406 Not Acceptable
An appropriate representation of the requested resource /index.php could not be found on this server."

[souljaa]

Hey! I still get the same error, and I added the things mentioned in the .htaccess file.
But when I opened the .htaccess file, there was nothing in it, is that normal?
Now when I open it, it still has the code in it, but still doesn't work. (The SMF Gallery Mod)
www.gfxpros.org
Thanks
Souljaa

[FragaCampos]

It worked for me.
Did you do everything like in the first post?

[Sarge]

Try the updated rules:
http://www.simplemachines.org/community/index.php?topic=34270.msg1025267#msg1025267

Make sure you upload .htaccess to the right place: either the root directory of your site or your forum directory.

[Scanlite]

It seems i am having the exact OPPOSITE problem that no one seems to be able to help with!

My forum will not load AFTER LOGGING IN?

can anyone help out with some advice or assistance to help me solve this problem please?

[Sarge]

My forum will not load AFTER LOGGING IN?

Please let's continue support about this in the topic you started.
http://www.simplemachines.org/community/index.php?topic=213083

[masterb]

When I post %simbol, I get error Bad Request.
Example: %qqqqqqqqqqqqqqqqq

modsec_debug.log

[12/Mar/2008:04:00:44 +0300] [forum.XXX/sid#80cf340][rid#844c1c0][/index.php][1] Access denied with code 400 (phase 2). Pattern match "\\%(?!$|\\W|[0-9a-fA-F]{2}|u[0-9a-fA-F]{4})" at ARGS:message. [id "950107"] [msg "URL Encoding Abuse Attack Attempt"] [severity "WARNING"]

modsec_audit.log

--c0166218-A--
[12/Mar/2008:04:00:44 +0300] 93vY-n8AAAEAAHeCgIQAAAAC 127.0.0.1 41404 127.0.0.1 443
--c0166218-B--
POST /index.php?action=post2 HTTP/1.1
Host: forum.sdi.sar
User-Agent: Mozilla/5.0 (X11; U; Linux i686; ru; rv:1.8.1.12) Gecko/20080214 Firefox/2.0.0.12
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Language: ru-ru,ru;q=0.8,en-us;q=0.5,en;q=0.3
Accept-Encoding: gzip,deflate
Accept-Charset: windows-1251,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive
Referer: hxxp:forum.xxx/index.php?topic=11.0 [nonactive]
Cookie: PHPSESSIDF=XXX; SMFCookie547=a%3A4%3A%7Bi%3A0%3Bs%3A1...s%3A40%3A%22f6fd1...c4daafb3fdd7a19a346e%22%3Bi%3A2%3Bi%3A1205286112%3Bi%3A3%3Bi%3A0%3B%7D
Content-Type: application/x-www-form-urlencoded
Content-Length: 217

--c0166218-C--
topic=25&subject=Re%3A+gpg+-+man+page&icon=xx&notify=0&goback=1&num_replies=0&message=%25qqqqqqqqqqqqqqqqq&post=%D0%9E%D1%82%D0%BF%D1%80%D0%B0%D0%B2%D0%B8%D1%82%D1%8C&sc=0be0815c74f9717699612fc01c1a6221&seqnum=3805448
--c0166218-F--
HTTP/1.1 400 Bad Request
Content-Length: 226
Connection: close
Content-Type: text/html; charset=iso-8859-1

--c0166218-H--
Message: Access denied with code 400 (phase 2). Pattern match "\\%(?!$|\\W|[0-9a-fA-F]{2}|u[0-9a-fA-F]{4})" at ARGS:message. [id "950107"] [msg "URL Encoding Abuse Attack Attempt"] [severity "WARNING"]
Action: Intercepted (phase 2)
Stopwatch: 1205283644496126 38939 (38116* 38442 -)
Producer: ModSecurity v2.1.2 (Apache 2.x)
Server: Apache

--c0166218-Z--

How to fix it?
This bug in modsec  20_protocol_violations.conf or smf?

[metallica48423]

have you tried the solution in the first post of this page?

[masterb]

have you tried the solution in the first post of this page?

Thanks, add

<IfModule security2_module>
SecRequestBodyAccess Off
</IfModule>

in my vhosts.conf, I hope it safely

[innerspace70]

Ok,
Once for the dummy in the room.

Should I ADD the code to the .htaccess file in the PUBLICHTML root?

Or Just replace the file all together with this code.

(When I add it using cPanel the forum fails with a 500 error.)

Answer to my own question:
I created a NEW file with the suggested code from this post. Saved it to the folder I have SMF installed in.
I did not modify the .htaccess file in the publichtml root. (that causes a 500 error)