News:

Wondering if this will always be free?  See why free is better.

Main Menu

Problem with new topic after upgrade to 2.0.14

Started by moner, August 12, 2017, 04:01:54 PM

Previous topic - Next topic

moner

Hi
Problem with new topic after upgrade to 2.0.14 if i add 4 link Or more in topic
Example:
LiNK
LiNK
LiNK
LiNK

After Post i see ERROR
Forbidden
You don't have permission to access /community/index.php on this server.
Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.

and if i add 3 link Only ,topic send without any problem!
and i am try uninstall upgrade and downgrade to 2.0.13 i have this problem too :(

From where this problem ?


d3vcho

What are the permissions your files and directories are using?
"Greeting Death as an old friend, they departed this life as equals"

moner

Quote from: d3vcho(); on August 12, 2017, 04:08:19 PM
What are the permissions your files and directories are using?

we have not any problem before this upgrade and i have not change permissions files and directories.
permissions directories : 755
permissions files : 644

Kindred

actually, this sounds like your host activated and poorly configured mod_security
Слaва
Украинi

Please do not PM, IM or Email me with support questions.  You will get better and faster responses in the support boards.  Thank you.

"Loki is not evil, although he is certainly not a force for good. Loki is... complicated."

moner

Quote from: Kindred on August 12, 2017, 04:33:17 PM
actually, this sounds like your host activated and poorly configured mod_security

mod_security Disabled on my host.

Kindred

if your host says that, then I would disbelieve them...   a 403 error, triggered on the number of links in a post is almost definitely from mod_security (and a badly configured setup at that)
Слaва
Украинi

Please do not PM, IM or Email me with support questions.  You will get better and faster responses in the support boards.  Thank you.

"Loki is not evil, although he is certainly not a force for good. Loki is... complicated."


moner

I was have this problem from two years ago and i have solved it after Disable mod_security Ok ?
Now i have this problem After after upgrade to 2.0.14 ,the problem with links Only please Read the first.

and i see this problem with Many members after upgrade to 2.0.14 Please Search on Google by (SMF 2.0.14 Image Proxy)

Please, I want solve for this problem

Kindred

This absolutely is not related to the 2.0.14 upgrade in any way.

Smf does not check the number of links in a post....   unless you have a mod which does so, in which case you would need to either disable or update the mod...

So, if you do not have a mod... and you are still getting this error, then your host MUST have reimplemented mod_security
Слaва
Украинi

Please do not PM, IM or Email me with support questions.  You will get better and faster responses in the support boards.  Thank you.

"Loki is not evil, although he is certainly not a force for good. Loki is... complicated."

shawnb61

Quote from: moner on August 13, 2017, 08:11:48 AMMany members after upgrade to 2.0.14 Please Search on Google by (SMF 2.0.14 Image Proxy)
True, there is an issue with the 2.0.14 Image Proxy - but that is unrelated to a 403 caused by too many links. 

The issue we are working on is a 403 caused by too many links.  If you google that, you will see it is pretty much always caused by mod_security:
https://www.google.com/search?q=modsecurity+multiple+url+encoding+detected&oq=mod_security+multiple&aqs=chrome.1.69i57j0.6592j0j7&sourceid=chrome&ie=UTF-8
 
What to do...

The real problem here is that the front line support folks at these ISPs only know so much.  They may tell you mod_security is disabled, but they are only allowed to enable/disable certain rules.  They think they've disabled it, but they've only disabled one of many mod_sec rules. 

Call them back, and tell them you have a "multiple url encoding" problem.  This is mod_security rule 950109.  If the support person doesn't know what you're talking about, escalate to level 2 support.  If that doesn't work, try level 3.  Repeat until it's resolved... 

Hope this helps,
Address the process rather than the outcome.  Then, the outcome becomes more likely.   - Fripp

moner

Thank you so Much ,yes The issue was related to the mod_security it was not working fine ,Issue resolved now.

Can advise me ?
with issue 2.0.14 Image Proxy i need to downgrade to 2.0.13 and wait resolved this Issue ?


shawnb61

Quote from: moner on August 13, 2017, 04:51:38 PMCan advise me ?
with issue 2.0.14 Image Proxy i need to downgrade to 2.0.13 and wait resolved this Issue ?

Is your site using https://?   I.e., have you installed a certificate & changed all your board URLs to https://?

If not, don't worry about it. 

If your site is https:// already, and your posters share a lot of URLs to images that are not on your forum, you probably need the image proxy.  The proxy works okay, but there are a couple of bugs.  Before enabling it, you may want to read a few of those threads you referred to above... 

It may help to understand what the image proxy does:  The problem is that a page that is part http:// and part https:// leaves the browser confused - should it be able to tell you the page is secure or not?  Different browsers behave differently, but at the very least, they will report that your page is not secure (the latest version of Chrome does this).  Some will show the http:// images as broken links on an otherwise https:// page (the prior versions of Chrome did this). 

The image proxy fixes that by copying images locally and serving them up as https://.  So your pages are consistently https://, and you get no insecure warnings or broken links.  This comes at a cost: increased bandwidth and for large images, a noticeable lag. 

Other things to check before upgrading to 2.0.14...  2.0.14 requires php version 5.4 or greater.  If you are on an older version of php, upgrade that first....  2.0.14 requires a tweak to security, and this requires simple updates to themes.  If you have a bunch of themes, you should read up on the changes needed there. 
Address the process rather than the outcome.  Then, the outcome becomes more likely.   - Fripp

Advertisement: