GetSimple Support Forum
Get simple 3.3.16 support for php 8.0 - Printable Version

+- GetSimple Support Forum (http://get-simple.info/forums)
+-- Forum: GetSimple (http://get-simple.info/forums/forumdisplay.php?fid=3)
+--- Forum: Installation & Setup (http://get-simple.info/forums/forumdisplay.php?fid=5)
+--- Thread: Get simple 3.3.16 support for php 8.0 (/showthread.php?tid=16548)

Pages: 1 2 3 4 5 6 7


RE: Get simple 3.3.16 support for php 8.0 - leestwise - 2023-04-10

(2023-04-10, 17:55:09)islander Wrote:
(2023-04-10, 03:57:43)leestwise Wrote: I have one problem that may or may not be due to the upgrade: Attempting to edit and save a change to one of the Innovation theme PHP files causes an internal server error. The permissions on the directory and the file are 755. I also tried 777 to no avail. This is not a deal-breaker because I can do local editing with FTP uploads, but I do like the admin editing option.

Hello @leestwise. What type of error? Like a 500? A little more info is needed. Paste what its says so we have a better idea.
Could be .htaccess or modsecurity, or a new problem.
Regarding your plugin problem, maybe turn on debug in gsconfig to see what it says. Could be that the plugin is outdated, or is related to the above problem.

Quote:Internal Server Error
The server encountered an internal error or misconfiguration and was unable to complete your request.
Please contact the server administrator at webmaster@stewkitt.com to inform them of the time this error occurred, and the actions you performed just before this error.
More information about this error may be available in the server error log.

...lee


RE: Get simple 3.3.16 support for php 8.0 - islander - 2023-04-10

(2023-04-10, 21:35:52)leestwis Wrote:
Quote:Internal Server Error
The server encountered an internal error or misconfiguration and was unable to complete your request.
Please contact the server administrator at webmaster@stewkitt.com to inform them of the time this error occurred, and the actions you performed just before this error.
More information about this error may be available in the server error log.

...lee

What version of PHP are you using?
Also check this page with debug enabled to see if it give any clue.


RE: Get simple 3.3.16 support for php 8.0 - leestwise - 2023-04-10

(2023-04-10, 21:56:29)islander Wrote:
(2023-04-10, 21:35:52)leestwis Wrote:
Quote:Internal Server Error
The server encountered an internal error or misconfiguration and was unable to complete your request.
Please contact the server administrator at webmaster@stewkitt.com to inform them of the time this error occurred, and the actions you performed just before this error.
More information about this error may be available in the server error log.

...lee

What version of PHP are you using?
Also check this page with debug enabled to see if it give any clue.

PHP version: 8.1.9

I will try it with debug enabled in a couple of hours.

...lee


RE: Get simple 3.3.16 support for php 8.0 - leestwise - 2023-04-11

(2023-04-10, 21:56:29)islander Wrote: Also check this page with debug enabled to see if it give any clue.

Actually, the problem happens while editing in admin mode, so never gets to any displayed website page, so I do not see this revealing the problem. Could it be an .htaccess problem? I would need lots of help there, if so.

...lee


RE: Get simple 3.3.16 support for php 8.0 - leestwise - 2023-04-11

(2023-04-11, 03:27:01)leestwise Wrote:
(2023-04-10, 21:56:29)islander Wrote: Also check this page with debug enabled to see if it give any clue.

Actually, the problem happens while editing in admin mode, so never gets to any displayed website page, so I do not see this revealing the problem. Could it be an .htaccess problem? I would need lots of help there, if so.

...lee

I did not see this message until I logged out of the admin page and refreshed the webpage, nor do I know its relevance:

Warning: Cannot modify header information - headers already sent by (output started at /home/leestewart/stewkitt.com/_testsite/theme/Innovation/header.inc.php:9) in /home/leestewart/stewkitt.com/_testsite/plugins/easy_contactform/form.php on line 4

...lee


RE: Get simple 3.3.16 support for php 8.0 - leestwise - 2023-04-25

(2023-04-11, 07:07:35)leestwise Wrote:
(2023-04-11, 03:27:01)leestwise Wrote:
(2023-04-10, 21:56:29)islander Wrote: Also check this page with debug enabled to see if it give any clue.

Actually, the problem happens while editing in admin mode, so never gets to any displayed website page, so I do not see this revealing the problem. Could it be an .htaccess problem? I would need lots of help there, if so.

...lee

I did not see this message until I logged out of the admin page and refreshed the webpage, nor do I know its relevance:

Warning: Cannot modify header information - headers already sent by (output started at /home/leestewart/stewkitt.com/_testsite/theme/Innovation/header.inc.php:9) in /home/leestewart/stewkitt.com/_testsite/plugins/easy_contactform/form.php on line 4

...lee

FYI: This warning went away after including the following line in the php.ini (phprc on DreamHost) per DreamHost’s relevant help article:

     output_buffering = 4096

...lee


RE: Get simple 3.3.16 support for php 8.0 - islander - 2023-04-25

(2023-04-25, 06:34:38)leestwise Wrote: FYI: This warning went away after including the following line in the php.ini (phprc on DreamHost) per DreamHost’s relevant help article:

     output_buffering = 4096

...lee

Glad you were able to find a solution.


RE: Get simple 3.3.16 support for php 8.0 - leestwise - 2023-04-25

(2023-04-25, 18:23:09)islander Wrote:
(2023-04-25, 06:34:38)leestwise Wrote: FYI: This warning went away after including the following line in the php.ini (phprc on DreamHost) per DreamHost’s relevant help article:

     output_buffering = 4096

...lee

Glad you were able to find a solution.

That, unfortunately, was not the solution to the “Internal Server Error” problem. I felt obligated to explain the header modification warning’s resolution because I had brought it up thinking it might be related. It was not.

To recap, the “Internal Server Error” occurs any time I try to save a theme PHP file or gsconfig.php, while editing from within the Massive Admin Theme environment of GS 3.3.18CE. I have verified that PHP (now v8.1.17) error-logging is turned on, but this error never appears in the log.

My next move will be to wipe my website and reinstall GS 3.3.18CE and try again. I will certainly keep you posted.

...lee


RE: Get simple 3.3.16 support for php 8.0 - islander - 2023-04-25

(2023-01-09, 01:00:20)Knobbles Wrote: PHP 8.1
Found today (could not find whether this is already fixed):

/plugins/i18n_base/frontend.class.php on line 24:
explode(): Passing null to parameter #2 ($string) of type string is deprecated

This occurs in function getLanguages().
Fix:
$httplanguages = explode(",", @$_SERVER['HTTP_ACCEPT_LANGUAGE']??'');

(still dont know how $_SERVER['HTTP_ACCEPT_LANGUAGE'] can be null as I used a standard browser, but thats not the point here.)

(2023-04-25, 21:17:21)leestwise Wrote:
(2023-04-25, 18:23:09)islander Wrote:
(2023-04-25, 06:34:38)leestwise Wrote: FYI: This warning went away after including the following line in the php.ini (phprc on DreamHost) per DreamHost’s relevant help article:

     output_buffering = 4096

...lee

Glad you were able to find a solution.

That, unfortunately, was not the solution to the “Internal Server Error” problem. I felt obligated to explain the header modification warning’s resolution because I had brought it up thinking it might be related. It was not.

To recap, the “Internal Server Error” occurs any time I try to save a theme PHP file or gsconfig.php, while editing from within the Massive Admin Theme environment of GS 3.3.18CE. I have verified that PHP (now v8.1.17) error-logging is turned on, but this error never appears in the log.

My next move will be to wipe my website and reinstall GS 3.3.18CE and try again. I will certainly keep you posted.

...lee

You may want to see if you can turn off your Mod Security via cpanel, or whatever control panel your hosting has.
Just to see if it is this that is causing the problem. It is not recommended to leave this turned off though.


RE: Get simple 3.3.16 support for php 8.0 - islander - 2023-04-26

You may want to take a look at this link, maybe it helps?
https://help.dreamhost.com/hc/en-us/articles/215947927-Enable-extra-web-security-on-a-website


RE: Get simple 3.3.16 support for php 8.0 - leestwise - 2023-04-26

(2023-04-25, 23:05:56)islander Wrote:
(2023-01-09, 01:00:20)Knobbles Wrote: PHP 8.1
Found today (could not find whether this is already fixed):

/plugins/i18n_base/frontend.class.php on line 24:
explode(): Passing null to parameter #2 ($string) of type string is deprecated

This occurs in function getLanguages().
Fix:
$httplanguages = explode(",", @$_SERVER['HTTP_ACCEPT_LANGUAGE']??'');

(still dont know how $_SERVER['HTTP_ACCEPT_LANGUAGE'] can be null as I used a standard browser, but thats not the point here.)

(2023-04-25, 21:17:21)leestwise Wrote:
(2023-04-25, 18:23:09)islander Wrote:
(2023-04-25, 06:34:38)leestwise Wrote: FYI: This warning went away after including the following line in the php.ini (phprc on DreamHost) per DreamHost’s relevant help article:

     output_buffering = 4096

...lee

Glad you were able to find a solution.

That, unfortunately, was not the solution to the “Internal Server Error” problem. I felt obligated to explain the header modification warning’s resolution because I had brought it up thinking it might be related. It was not.

To recap, the “Internal Server Error” occurs any time I try to save a theme PHP file or gsconfig.php, while editing from within the Massive Admin Theme environment of GS 3.3.18CE. I have verified that PHP (now v8.1.17) error-logging is turned on, but this error never appears in the log.

My next move will be to wipe my website and reinstall GS 3.3.18CE and try again. I will certainly keep you posted.

...lee

You may want to see if you can turn off your Mod Security via cpanel, or whatever control panel your hosting has.
Just to see if it is this that is causing the problem. It is not recommended to leave this turned off though.

(2023-04-26, 00:26:58)islander Wrote: You may want to take a look at this link, maybe it helps?
https://help.dreamhost.com/hc/en-us/articles/215947927-Enable-extra-web-security-on-a-website

Thanks. That link put me on a track that may solve this problem. I finally found my domain error logs (I could not see them via FTP—needed SFTP access) and it looks as though ModSecurity is definitely involved. I will post more after reloading GS 3.3.18CE stuff.

...lee


RE: Get simple 3.3.16 support for php 8.0 - leestwise - 2023-04-28

(2023-04-25, 23:05:56)islander Wrote:
(2023-01-09, 01:00:20)Knobbles Wrote: PHP 8.1
Found today (could not find whether this is already fixed):

/plugins/i18n_base/frontend.class.php on line 24:
explode(): Passing null to parameter #2 ($string) of type string is deprecated

This occurs in function getLanguages().
Fix:
$httplanguages = explode(",", @$_SERVER['HTTP_ACCEPT_LANGUAGE']??'');

(still dont know how $_SERVER['HTTP_ACCEPT_LANGUAGE'] can be null as I used a standard browser, but thats not the point here.)

(2023-04-25, 21:17:21)leestwise Wrote:
(2023-04-25, 18:23:09)islander Wrote:
(2023-04-25, 06:34:38)leestwise Wrote: FYI: This warning went away after including the following line in the php.ini (phprc on DreamHost) per DreamHost’s relevant help article:

     output_buffering = 4096

...lee

Glad you were able to find a solution.

That, unfortunately, was not the solution to the “Internal Server Error” problem. I felt obligated to explain the header modification warning’s resolution because I had brought it up thinking it might be related. It was not.

To recap, the “Internal Server Error” occurs any time I try to save a theme PHP file or gsconfig.php, while editing from within the Massive Admin Theme environment of GS 3.3.18CE. I have verified that PHP (now v8.1.17) error-logging is turned on, but this error never appears in the log.

My next move will be to wipe my website and reinstall GS 3.3.18CE and try again. I will certainly keep you posted.

...lee

You may want to see if you can turn off your Mod Security via cpanel, or whatever control panel your hosting has.
Just to see if it is this that is causing the problem. It is not recommended to leave this turned off though.

After wiping the website and loading only the base GS 3.3.18.1CE, the save of header.inc.php by the theme editor fails. After temporarily turning ModSecurity off, it succeeds. Here are the three log messages generated by ModSecurity:

  1. [Wed Apr 26 18:55:17.533085 2023] [:error] [pid 177410:tid 124190993872640] [client redacted] [client redacted] ModSecurity: Warning. Pattern match "(?:\\\\bhttp/\\\\d|<(?:html|meta)\\\\b)" at ARGS:content. [file "/dh/apache2/template/etc/mod_sec3_CRS/REQUEST-921-PROTOCOL-ATTACK.conf"] [line "108"] [id "921130"] [msg "HTTP Response Splitting Attack"] [data "Matched Data: <html found within ARGS:content: <?php if (!defined('in_gs')) {\\x0d\\x0a    die('you cannot load this page directly.');\\x0d\\x0a}\\x0d\\x0a/****************************************************\\x0d\\x0a *\\x0d\\x0a * @file: \\x09\\x09header.inc.php\\x0d\\x0a * @package:\\x09getsimple ce\\x0d\\x0a * @action:\\x09\\x09starter for getsimple cms ce\\x0d\\x0a *\\x0d\\x0a *****************************************************/\\x0d\\x0a?>\\x0d\\x0a\\x0d\\x0a\\x0d\\x0a<!doctype html data->\\x0d\\x0a<html <?php echo ($mode !== ''..."] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272/220/34"] [hostname "stewkitt.com"] [uri "/admin/theme-edit.php"] [unique_id "redacted"], referer: https://stewkitt.com/admin/theme-edit.php?t=ResponsiveCE&f=header.inc.php&s=Edit
  2. [Wed Apr 26 18:55:17.535610 2023] [:error] [pid 177410:tid 124190993872640] [client redacted] [client redacted] ModSecurity: Warning. Pattern match "(?:<\\\\?(?:[^x]|x[^m]|xm[^l]|xml[^\\\\s]|xml$|$)|<\\\\?php|\\\\[(?:\\\\/|\\\\\\\\)?php\\\\])" at ARGS:content. [file "/dh/apache2/template/etc/mod_sec3_CRS/REQUEST-933-APPLICATION-ATTACK-PHP.conf"] [line "65"] [id "933100"] [msg "PHP Injection Attack: PHP Open Tag Found"] [data "Matched Data: <?p found within ARGS:content: <?php if (!defined('in_gs')) {\\x0d\\x0a    die('you cannot load this page directly.');\\x0d\\x0a}\\x0d\\x0a/****************************************************\\x0d\\x0a *\\x0d\\x0a * @file: \\x09\\x09header.inc.php\\x0d\\x0a * @package:\\x09getsimple ce\\x0d\\x0a * @action:\\x09\\x09starter for getsimple cms ce\\x0d\\x0a *\\x0d\\x0a *****************************************************/\\x0d\\x0a?>\\x0d\\x0a\\x0d\\x0a\\x0d\\x0a<!doctype html data->\\x0d\\x0a<html <?php echo ($mode !== '' ?..."] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-php"] [tag "platform-multi"] [tag "attack-injection-php"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/152/242"] [hostname "stewkitt.com"] [uri "/admin/theme-edit.php"] [unique_id "redacted"], referer: https://stewkitt.com/admin/theme-edit.php?t=ResponsiveCE&f=header.inc.php&s=Edit
  3. [Wed Apr 26 18:55:17.545415 2023] [:error] [pid 177410:tid 124190993872640] [client redacted] [client redacted] ModSecurity: Access denied with code 418 (phase 2). Operator GE matched 7 at TX:anomaly_score. [file "/dh/apache2/template/etc/mod_sec3_CRS/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "93"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 10)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "stewkitt.com"] [uri "/admin/theme-edit.php"] [unique_id "redacted"], referer: https://stewkitt.com/admin/theme-edit.php?t=ResponsiveCE&f=header.inc.php&s=Edit

...lee


RE: Get simple 3.3.16 support for php 8.0 - islander - 2023-04-28

(2023-04-28, 07:15:22)leestwise Wrote: After wiping the website and loading only the base GS 3.3.18.1CE, the save of header.inc.php by the theme editor fails. After temporarily turning ModSecurity off, it succeeds. Here are the three log messages generated by ModSecurity:

  1. [Wed Apr 26 18:55:17.533085 2023] [:error] [pid 177410:tid 124190993872640] [client redacted] [client redacted] ModSecurity: Warning. Pattern match "(?:\\\\bhttp/\\\\d|<(?:html|meta)\\\\b)" at ARGS:content. [file "/dh/apache2/template/etc/mod_sec3_CRS/REQUEST-921-PROTOCOL-ATTACK.conf"] [line "108"] [id "921130"] [msg "HTTP Response Splitting Attack"] [data "Matched Data: <html found within ARGS:content: <?php if (!defined('in_gs')) {\\x0d\\x0a    die('you cannot load this page directly.');\\x0d\\x0a}\\x0d\\x0a/****************************************************\\x0d\\x0a *\\x0d\\x0a * @file: \\x09\\x09header.inc.php\\x0d\\x0a * @package:\\x09getsimple ce\\x0d\\x0a * @action:\\x09\\x09starter for getsimple cms ce\\x0d\\x0a *\\x0d\\x0a *****************************************************/\\x0d\\x0a?>\\x0d\\x0a\\x0d\\x0a\\x0d\\x0a<!doctype html data->\\x0d\\x0a<html <?php echo ($mode !== ''..."] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272/220/34"] [hostname "stewkitt.com"] [uri "/admin/theme-edit.php"] [unique_id "redacted"], referer: https://stewkitt.com/admin/theme-edit.php?t=ResponsiveCE&f=header.inc.php&s=Edit
  2. [Wed Apr 26 18:55:17.535610 2023] [:error] [pid 177410:tid 124190993872640] [client redacted] [client redacted] ModSecurity: Warning. Pattern match "(?:<\\\\?(?:[^x]|x[^m]|xm[^l]|xml[^\\\\s]|xml$|$)|<\\\\?php|\\\\[(?:\\\\/|\\\\\\\\)?php\\\\])" at ARGS:content. [file "/dh/apache2/template/etc/mod_sec3_CRS/REQUEST-933-APPLICATION-ATTACK-PHP.conf"] [line "65"] [id "933100"] [msg "PHP Injection Attack: PHP Open Tag Found"] [data "Matched Data: <?p found within ARGS:content: <?php if (!defined('in_gs')) {\\x0d\\x0a    die('you cannot load this page directly.');\\x0d\\x0a}\\x0d\\x0a/****************************************************\\x0d\\x0a *\\x0d\\x0a * @file: \\x09\\x09header.inc.php\\x0d\\x0a * @package:\\x09getsimple ce\\x0d\\x0a * @action:\\x09\\x09starter for getsimple cms ce\\x0d\\x0a *\\x0d\\x0a *****************************************************/\\x0d\\x0a?>\\x0d\\x0a\\x0d\\x0a\\x0d\\x0a<!doctype html data->\\x0d\\x0a<html <?php echo ($mode !== '' ?..."] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-php"] [tag "platform-multi"] [tag "attack-injection-php"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/152/242"] [hostname "stewkitt.com"] [uri "/admin/theme-edit.php"] [unique_id "redacted"], referer: https://stewkitt.com/admin/theme-edit.php?t=ResponsiveCE&f=header.inc.php&s=Edit
  3. [Wed Apr 26 18:55:17.545415 2023] [:error] [pid 177410:tid 124190993872640] [client redacted] [client redacted] ModSecurity: Access denied with code 418 (phase 2). Operator GE matched 7 at TX:anomaly_score. [file "/dh/apache2/template/etc/mod_sec3_CRS/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "93"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 10)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "stewkitt.com"] [uri "/admin/theme-edit.php"] [unique_id "redacted"], referer: https://stewkitt.com/admin/theme-edit.php?t=ResponsiveCE&f=header.inc.php&s=Edit

...lee

Unfortunately, I dont think there is much that can be done, I am experiencing something similar with one of my providers.
Mod-Security is like a rule based firewall, that allows some actions and blocks others.
If you have a vps you can adjust these rules, but if you are on some sort of shared hosting, it is very doubtful that you will be able to.
So the only work-around is to  either deactivate mod_sec when using themes, or just upload them via ftp.
From my understanding, there is a flag any time the server detects a file being saved which has php which can be ran.
Its flags it as danger, and will not allow it.
On a vps, you can adjust these rules to say that it is you, so it can ignore it.
But most vps are very expensive, so not really worth it for a small GS site.


RE: Get simple 3.3.16 support for php 8.0 - leestwise - 2023-04-28

(2023-04-28, 07:52:05)islander Wrote:
(2023-04-28, 07:15:22)leestwise Wrote: After wiping the website and loading only the base GS 3.3.18.1CE, the save of header.inc.php by the theme editor fails. After temporarily turning ModSecurity off, it succeeds. Here are the three log messages generated by ModSecurity:

  1. [Wed Apr 26 18:55:17.533085 2023] [:error] [pid 177410:tid 124190993872640] [client redacted] [client redacted] ModSecurity: Warning. Pattern match "(?:\\\\bhttp/\\\\d|<(?:html|meta)\\\\b)" at ARGS:content. [file "/dh/apache2/template/etc/mod_sec3_CRS/REQUEST-921-PROTOCOL-ATTACK.conf"] [line "108"] [id "921130"] [msg "HTTP Response Splitting Attack"] [data "Matched Data: <html found within ARGS:content: <?php if (!defined('in_gs')) {\\x0d\\x0a    die('you cannot load this page directly.');\\x0d\\x0a}\\x0d\\x0a/****************************************************\\x0d\\x0a *\\x0d\\x0a * @file: \\x09\\x09header.inc.php\\x0d\\x0a * @package:\\x09getsimple ce\\x0d\\x0a * @action:\\x09\\x09starter for getsimple cms ce\\x0d\\x0a *\\x0d\\x0a *****************************************************/\\x0d\\x0a?>\\x0d\\x0a\\x0d\\x0a\\x0d\\x0a<!doctype html data->\\x0d\\x0a<html <?php echo ($mode !== ''..."] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272/220/34"] [hostname "stewkitt.com"] [uri "/admin/theme-edit.php"] [unique_id "redacted"], referer: https://stewkitt.com/admin/theme-edit.php?t=ResponsiveCE&f=header.inc.php&s=Edit
  2. [Wed Apr 26 18:55:17.535610 2023] [:error] [pid 177410:tid 124190993872640] [client redacted] [client redacted] ModSecurity: Warning. Pattern match "(?:<\\\\?(?:[^x]|x[^m]|xm[^l]|xml[^\\\\s]|xml$|$)|<\\\\?php|\\\\[(?:\\\\/|\\\\\\\\)?php\\\\])" at ARGS:content. [file "/dh/apache2/template/etc/mod_sec3_CRS/REQUEST-933-APPLICATION-ATTACK-PHP.conf"] [line "65"] [id "933100"] [msg "PHP Injection Attack: PHP Open Tag Found"] [data "Matched Data: <?p found within ARGS:content: <?php if (!defined('in_gs')) {\\x0d\\x0a    die('you cannot load this page directly.');\\x0d\\x0a}\\x0d\\x0a/****************************************************\\x0d\\x0a *\\x0d\\x0a * @file: \\x09\\x09header.inc.php\\x0d\\x0a * @package:\\x09getsimple ce\\x0d\\x0a * @action:\\x09\\x09starter for getsimple cms ce\\x0d\\x0a *\\x0d\\x0a *****************************************************/\\x0d\\x0a?>\\x0d\\x0a\\x0d\\x0a\\x0d\\x0a<!doctype html data->\\x0d\\x0a<html <?php echo ($mode !== '' ?..."] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-php"] [tag "platform-multi"] [tag "attack-injection-php"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/152/242"] [hostname "stewkitt.com"] [uri "/admin/theme-edit.php"] [unique_id "redacted"], referer: https://stewkitt.com/admin/theme-edit.php?t=ResponsiveCE&f=header.inc.php&s=Edit
  3. [Wed Apr 26 18:55:17.545415 2023] [:error] [pid 177410:tid 124190993872640] [client redacted] [client redacted] ModSecurity: Access denied with code 418 (phase 2). Operator GE matched 7 at TX:anomaly_score. [file "/dh/apache2/template/etc/mod_sec3_CRS/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "93"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 10)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "stewkitt.com"] [uri "/admin/theme-edit.php"] [unique_id "redacted"], referer: https://stewkitt.com/admin/theme-edit.php?t=ResponsiveCE&f=header.inc.php&s=Edit

...lee

Unfortunately, I dont think there is much that can be done, I am experiencing something similar with one of my providers.
Mod-Security is like a rule based firewall, that allows some actions and blocks others.
If you have a vps you can adjust these rules, but if you are on some sort of shared hosting, it is very doubtful that you will be able to.
So the only work-around is to  either deactivate mod_sec when using themes, or just upload them via ftp.
From my understanding, there is a flag any time the server detects a file being saved which has php which can be ran.
Its flags it as danger, and will not allow it.
On a vps, you can adjust these rules to say that it is you, so it can ignore it.
But most vps are very expensive, so not really worth it for a small GS site.

Thank you for your help. I am perfectly happy with editing offline and uploading with FTP, but I certainly wanted to run the problem to ground. Thanks again for your help with doing that. It seems a shame not to be able to use the full functionality of the admin process—Oh, well.

Given your explanation about saving PHP files being a problem for ModSecurity, why does your SingleFileInstaller/Updater work without turning off ModSecurity (which is what I did)?

...lee


RE: Get simple 3.3.16 support for php 8.0 - leestwise - 2023-06-16

Maybe my last question to Islander was missed:

Given your explanation about saving PHP files being a problem for ModSecurity, why does your SingleFileInstaller/Updater work without turning off ModSecurity?

...lee


RE: Get simple 3.3.16 support for php 8.0 - islander - 2023-06-17

Sorry, no, I did not see your reply.
The the file uploader is not mine. Maybe you are using Massive Admin theme?
Anyhow, modsecurity, in my experience just catches php being saved in files. So if you have a theme or component, etc., regardless of the php code in it, it may be interpreted as a threat and blocks it from being saved. But doesnt really care if you are uploading something. But this probably depends on how the host has set this up.