Posts: 35
Threads: 2
Joined: Jan 2013
2023-04-10, 21:35:52
(This post was last modified: 2023-04-10, 21:38:33 by leestwise.)
(2023-04-10, 17:55:09)islander Wrote: (2023-04-10, 03:57:43)leestwise Wrote: I have one problem that may or may not be due to the upgrade: Attempting to edit and save a change to one of the Innovation theme PHP files causes an internal server error. The permissions on the directory and the file are 755. I also tried 777 to no avail. This is not a deal-breaker because I can do local editing with FTP uploads, but I do like the admin editing option.
Hello @leestwise. What type of error? Like a 500? A little more info is needed. Paste what it says so we have a better idea.
Could be .htaccess or modsecurity, or a new problem.
Regarding your plugin problem, maybe turn on debug in gsconfig to see what it says. Could be that the plugin is outdated, or is related to the above problem.
Quote:Internal Server Error
The server encountered an internal error or misconfiguration and was unable to complete your request.
Please contact the server administrator at webmaster@stewkitt.com to inform them of the time this error occurred, and the actions you performed just before this error.
More information about this error may be available in the server error log.
...lee
Posts: 324
Threads: 5
Joined: May 2012
(2023-04-10, 21:35:52)leestwis Wrote: Quote:Internal Server Error
The server encountered an internal error or misconfiguration and was unable to complete your request.
Please contact the server administrator at webmaster@stewkitt.com to inform them of the time this error occurred, and the actions you performed just before this error.
More information about this error may be available in the server error log.
...lee
What version of PHP are you using?
Also check this page with debug enabled to see if it gives any clue.
Posts: 35
Threads: 2
Joined: Jan 2013
(2023-04-10, 21:56:29)islander Wrote: (2023-04-10, 21:35:52)leestwis Wrote: Quote:Internal Server Error
The server encountered an internal error or misconfiguration and was unable to complete your request.
Please contact the server administrator at webmaster@stewkitt.com to inform them of the time this error occurred, and the actions you performed just before this error.
More information about this error may be available in the server error log.
...lee
What version of PHP are you using?
Also check this page with debug enabled to see if it gives any clue.
PHP version: 8.1.9
I will try it with debug enabled in a couple of hours.
...lee
Posts: 35
Threads: 2
Joined: Jan 2013
2023-04-11, 03:27:01
(This post was last modified: 2023-04-11, 03:27:32 by leestwise.)
(2023-04-10, 21:56:29)islander Wrote: Also check this page with debug enabled to see if it gives any clue.
Actually, the problem happens while editing in admin mode, so never gets to any displayed website page, so I do not see this revealing the problem. Could it be an .htaccess problem? I would need lots of help there, if so.
...lee
Posts: 35
Threads: 2
Joined: Jan 2013
2023-04-11, 07:07:35
(This post was last modified: 2023-04-11, 07:11:33 by leestwise.)
(2023-04-11, 03:27:01)leestwise Wrote: (2023-04-10, 21:56:29)islander Wrote: Also check this page with debug enabled to see if it gives any clue.
Actually, the problem happens while editing in admin mode, so never gets to any displayed website page, so I do not see this revealing the problem. Could it be an .htaccess problem? I would need lots of help there, if so.
...lee
I did not see this message until I logged out of the admin page and refreshed the webpage, nor do I know its relevance:
“Warning: Cannot modify header information - headers already sent by (output started at /home/leestewart/stewkitt.com/_testsite/theme/Innovation/header.inc.php:9) in /home/leestewart/stewkitt.com/_testsite/plugins/easy_contactform/form.php on line 4”
...lee
Posts: 35
Threads: 2
Joined: Jan 2013
(2023-04-11, 07:07:35)leestwise Wrote: (2023-04-11, 03:27:01)leestwise Wrote: (2023-04-10, 21:56:29)islander Wrote: Also check this page with debug enabled to see if it gives any clue.
Actually, the problem happens while editing in admin mode, so never gets to any displayed website page, so I do not see this revealing the problem. Could it be an .htaccess problem? I would need lots of help there, if so.
...lee
I did not see this message until I logged out of the admin page and refreshed the webpage, nor do I know its relevance:
“Warning: Cannot modify header information - headers already sent by (output started at /home/leestewart/stewkitt.com/_testsite/theme/Innovation/header.inc.php:9) in /home/leestewart/stewkitt.com/_testsite/plugins/easy_contactform/form.php on line 4”
...lee
FYI: This warning went away after including the following line in the php.ini (phprc on DreamHost) per DreamHost’s relevant help article:
output_buffering = 4096
...lee
Posts: 324
Threads: 5
Joined: May 2012
(2023-04-25, 06:34:38)leestwise Wrote: FYI: This warning went away after including the following line in the php.ini (phprc on DreamHost) per DreamHost’s relevant help article:
output_buffering = 4096
...lee
Glad you were able to find a solution.
Posts: 35
Threads: 2
Joined: Jan 2013
(2023-04-25, 18:23:09)islander Wrote: (2023-04-25, 06:34:38)leestwise Wrote: FYI: This warning went away after including the following line in the php.ini (phprc on DreamHost) per DreamHost’s relevant help article:
output_buffering = 4096
...lee
Glad you were able to find a solution.
That, unfortunately, was not the solution to the “Internal Server Error” problem. I felt obligated to explain the header modification warning’s resolution because I had brought it up thinking it might be related. It was not.
To recap, the “Internal Server Error” occurs any time I try to save a theme PHP file or gsconfig.php, while editing from within the Massive Admin Theme environment of GS 3.3.18CE. I have verified that PHP (now v8.1.17) error-logging is turned on, but this error never appears in the log.
My next move will be to wipe my website and reinstall GS 3.3.18CE and try again. I will certainly keep you posted.
...lee
Posts: 324
Threads: 5
Joined: May 2012
(2023-01-09, 01:00:20)Knobbles Wrote: PHP 8.1
Found today (could not find whether this is already fixed):
/plugins/i18n_base/frontend.class.php on line 24:
explode(): Passing null to parameter #2 ($string) of type string is deprecated
This occurs in function getLanguages().
Fix:
$httplanguages = explode(",", @$_SERVER['HTTP_ACCEPT_LANGUAGE']??'');
(still don't know how $_SERVER['HTTP_ACCEPT_LANGUAGE'] can be null as I used a standard browser, but that's not the point here.)
(2023-04-25, 21:17:21)leestwise Wrote: (2023-04-25, 18:23:09)islander Wrote: (2023-04-25, 06:34:38)leestwise Wrote: FYI: This warning went away after including the following line in the php.ini (phprc on DreamHost) per DreamHost’s relevant help article:
output_buffering = 4096
...lee
Glad you were able to find a solution.
That, unfortunately, was not the solution to the “Internal Server Error” problem. I felt obligated to explain the header modification warning’s resolution because I had brought it up thinking it might be related. It was not.
To recap, the “Internal Server Error” occurs any time I try to save a theme PHP file or gsconfig.php, while editing from within the Massive Admin Theme environment of GS 3.3.18CE. I have verified that PHP (now v8.1.17) error-logging is turned on, but this error never appears in the log.
My next move will be to wipe my website and reinstall GS 3.3.18CE and try again. I will certainly keep you posted.
...lee
You may want to see if you can turn off your Mod Security via cpanel, or whatever control panel your hosting has.
Just to see if it is this that is causing the problem. It is not recommended to leave this turned off though.
Posts: 324
Threads: 5
Joined: May 2012
You may want to take a look at this link, maybe it helps?
https://help.dreamhost.com/hc/en-us/arti...-a-website
Posts: 35
Threads: 2
Joined: Jan 2013
(2023-04-25, 23:05:56)islander Wrote: (2023-01-09, 01:00:20)Knobbles Wrote: PHP 8.1
Found today (could not find whether this is already fixed):
/plugins/i18n_base/frontend.class.php on line 24:
explode(): Passing null to parameter #2 ($string) of type string is deprecated
This occurs in function getLanguages().
Fix:
$httplanguages = explode(",", @$_SERVER['HTTP_ACCEPT_LANGUAGE']??'');
(still don't know how $_SERVER['HTTP_ACCEPT_LANGUAGE'] can be null as I used a standard browser, but that's not the point here.)
(2023-04-25, 21:17:21)leestwise Wrote: (2023-04-25, 18:23:09)islander Wrote: (2023-04-25, 06:34:38)leestwise Wrote: FYI: This warning went away after including the following line in the php.ini (phprc on DreamHost) per DreamHost’s relevant help article:
output_buffering = 4096
...lee
Glad you were able to find a solution.
That, unfortunately, was not the solution to the “Internal Server Error” problem. I felt obligated to explain the header modification warning’s resolution because I had brought it up thinking it might be related. It was not.
To recap, the “Internal Server Error” occurs any time I try to save a theme PHP file or gsconfig.php, while editing from within the Massive Admin Theme environment of GS 3.3.18CE. I have verified that PHP (now v8.1.17) error-logging is turned on, but this error never appears in the log.
My next move will be to wipe my website and reinstall GS 3.3.18CE and try again. I will certainly keep you posted.
...lee
You may want to see if you can turn off your Mod Security via cpanel, or whatever control panel your hosting has.
Just to see if it is this that is causing the problem. It is not recommended to leave this turned off though.
(2023-04-26, 00:26:58)islander Wrote: You may want to take a look at this link, maybe it helps?
https://help.dreamhost.com/hc/en-us/arti...-a-website
Thanks. That link put me on a track that may solve this problem. I finally found my domain error logs (I could not see them via FTP—needed SFTP access) and it looks as though ModSecurity is definitely involved. I will post more after reloading GS 3.3.18CE stuff.
...lee
Posts: 35
Threads: 2
Joined: Jan 2013
(2023-04-25, 23:05:56)islander Wrote: (2023-01-09, 01:00:20)Knobbles Wrote: PHP 8.1
Found today (could not find whether this is already fixed):
/plugins/i18n_base/frontend.class.php on line 24:
explode(): Passing null to parameter #2 ($string) of type string is deprecated
This occurs in function getLanguages().
Fix:
$httplanguages = explode(",", @$_SERVER['HTTP_ACCEPT_LANGUAGE']??'');
(still don't know how $_SERVER['HTTP_ACCEPT_LANGUAGE'] can be null as I used a standard browser, but that's not the point here.)
(2023-04-25, 21:17:21)leestwise Wrote: (2023-04-25, 18:23:09)islander Wrote: (2023-04-25, 06:34:38)leestwise Wrote: FYI: This warning went away after including the following line in the php.ini (phprc on DreamHost) per DreamHost’s relevant help article:
output_buffering = 4096
...lee
Glad you were able to find a solution.
That, unfortunately, was not the solution to the “Internal Server Error” problem. I felt obligated to explain the header modification warning’s resolution because I had brought it up thinking it might be related. It was not.
To recap, the “Internal Server Error” occurs any time I try to save a theme PHP file or gsconfig.php, while editing from within the Massive Admin Theme environment of GS 3.3.18CE. I have verified that PHP (now v8.1.17) error-logging is turned on, but this error never appears in the log.
My next move will be to wipe my website and reinstall GS 3.3.18CE and try again. I will certainly keep you posted.
...lee
You may want to see if you can turn off your Mod Security via cpanel, or whatever control panel your hosting has.
Just to see if it is this that is causing the problem. It is not recommended to leave this turned off though.
After wiping the website and loading only the base GS 3.3.18.1CE, the save of header.inc.php by the theme editor fails. After temporarily turning ModSecurity off, it succeeds. Here are the three log messages generated by ModSecurity:
- [Wed Apr 26 18:55:17.533085 2023] [:error] [pid 177410:tid 124190993872640] [client redacted] [client redacted] ModSecurity: Warning. Pattern match "(?:\\\\bhttp/\\\\d|<(?:html|meta)\\\\b)" at ARGS:content. [file "/dh/apache2/template/etc/mod_sec3_CRS/REQUEST-921-PROTOCOL-ATTACK.conf"] [line "108"] [id "921130"] [msg "HTTP Response Splitting Attack"] [data "Matched Data: <html found within ARGS:content: <?php if (!defined('in_gs')) {\\x0d\\x0a die('you cannot load this page directly.');\\x0d\\x0a}\\x0d\\x0a/****************************************************\\x0d\\x0a *\\x0d\\x0a * @file: \\x09\\x09header.inc.php\\x0d\\x0a * @package:\\x09getsimple ce\\x0d\\x0a * @action:\\x09\\x09starter for getsimple cms ce\\x0d\\x0a *\\x0d\\x0a *****************************************************/\\x0d\\x0a?>\\x0d\\x0a\\x0d\\x0a\\x0d\\x0a<!doctype html data->\\x0d\\x0a<html <?php echo ($mode !== ''..."] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272/220/34"] [hostname "stewkitt.com"] [uri "/admin/theme-edit.php"] [unique_id "redacted"], referer: https://stewkitt.com/admin/theme-edit.ph...php&s=Edit
- [Wed Apr 26 18:55:17.535610 2023] [:error] [pid 177410:tid 124190993872640] [client redacted] [client redacted] ModSecurity: Warning. Pattern match "(?:<\\\\?(?:[^x]|x[^m]|xm[^l]|xml[^\\\\s]|xml$|$)|<\\\\?php|\\\\[(?:\\\\/|\\\\\\\\)?php\\\\])" at ARGS:content. [file "/dh/apache2/template/etc/mod_sec3_CRS/REQUEST-933-APPLICATION-ATTACK-PHP.conf"] [line "65"] [id "933100"] [msg "PHP Injection Attack: PHP Open Tag Found"] [data "Matched Data: <?p found within ARGS:content: <?php if (!defined('in_gs')) {\\x0d\\x0a die('you cannot load this page directly.');\\x0d\\x0a}\\x0d\\x0a/****************************************************\\x0d\\x0a *\\x0d\\x0a * @file: \\x09\\x09header.inc.php\\x0d\\x0a * @package:\\x09getsimple ce\\x0d\\x0a * @action:\\x09\\x09starter for getsimple cms ce\\x0d\\x0a *\\x0d\\x0a *****************************************************/\\x0d\\x0a?>\\x0d\\x0a\\x0d\\x0a\\x0d\\x0a<!doctype html data->\\x0d\\x0a<html <?php echo ($mode !== '' ?..."] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-php"] [tag "platform-multi"] [tag "attack-injection-php"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/152/242"] [hostname "stewkitt.com"] [uri "/admin/theme-edit.php"] [unique_id "redacted"], referer: https://stewkitt.com/admin/theme-edit.ph...php&s=Edit
- [Wed Apr 26 18:55:17.545415 2023] [:error] [pid 177410:tid 124190993872640] [client redacted] [client redacted] ModSecurity: Access denied with code 418 (phase 2). Operator GE matched 7 at TX:anomaly_score. [file "/dh/apache2/template/etc/mod_sec3_CRS/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "93"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 10)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "stewkitt.com"] [uri "/admin/theme-edit.php"] [unique_id "redacted"], referer: https://stewkitt.com/admin/theme-edit.ph...php&s=Edit
...lee
Posts: 324
Threads: 5
Joined: May 2012
(2023-04-28, 07:15:22)leestwise Wrote: After wiping the website and loading only the base GS 3.3.18.1CE, the save of header.inc.php by the theme editor fails. After temporarily turning ModSecurity off, it succeeds. Here are the three log messages generated by ModSecurity:
...lee
Unfortunately, I don't think there is much that can be done; I am experiencing something similar with one of my providers.
Mod-Security is like a rule-based firewall that allows some actions and blocks others.
If you have a vps you can adjust these rules, but if you are on some sort of shared hosting, it is very doubtful that you will be able to.
So the only work-around is to either deactivate mod_sec when using themes, or just upload them via ftp.
From my understanding, there is a flag any time the server detects a file being saved which has php which can be run.
It flags it as danger, and will not allow it.
On a vps, you can adjust these rules to say that it is you, so it can ignore it.
But most vps are very expensive, so not really worth it for a small GS site.
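Added example, not part of any post in this thread: a small Python triage of ModSecurity error-log lines like the three quoted above, which lists the rules that scored against a blocked request and prints a URI-scoped CRS exclusion an administrator with access to the ModSecurity configuration could review. The sample lines are constructed and shortened from the thread's format; the client address, hostname, `unique_id` and the local rule id `1000` are placeholders.

```python
import re

# Constructed sample: three lines in the Apache error-log format quoted in the
# thread, with regex/data trimmed and placeholder client, host and unique_id.
SAMPLE_LOG = r'''
[Wed Apr 26 18:55:17.533085 2023] [:error] [pid 1:tid 2] [client 192.0.2.10] ModSecurity: Warning. Pattern match "<(?:html|meta)\\b" at ARGS:content. [file "REQUEST-921-PROTOCOL-ATTACK.conf"] [line "108"] [id "921130"] [msg "HTTP Response Splitting Attack"] [data "Matched Data: <html found within ARGS:content: <?php ..."] [severity "CRITICAL"] [hostname "example.test"] [uri "/admin/theme-edit.php"] [unique_id "EXAMPLE-1"]
[Wed Apr 26 18:55:17.535610 2023] [:error] [pid 1:tid 2] [client 192.0.2.10] ModSecurity: Warning. Pattern match "<\\?php" at ARGS:content. [file "REQUEST-933-APPLICATION-ATTACK-PHP.conf"] [line "65"] [id "933100"] [msg "PHP Injection Attack: PHP Open Tag Found"] [data "Matched Data: <?p found within ARGS:content: <?php ..."] [severity "CRITICAL"] [hostname "example.test"] [uri "/admin/theme-edit.php"] [unique_id "EXAMPLE-1"]
[Wed Apr 26 18:55:17.545415 2023] [:error] [pid 1:tid 2] [client 192.0.2.10] ModSecurity: Access denied with code 418 (phase 2). Operator GE matched 7 at TX:anomaly_score. [file "REQUEST-949-BLOCKING-EVALUATION.conf"] [line "93"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 10)"] [severity "CRITICAL"] [hostname "example.test"] [uri "/admin/theme-edit.php"] [unique_id "EXAMPLE-1"]
'''

FIELD = re.compile(r'\[(\w+) "((?:[^"\\]|\\.)*)"\]')   # [key "value"] pairs
TARGET = re.compile(r'\bat ([A-Z_]+:\w+)\.')            # e.g. "at ARGS:content."
SCORE = re.compile(r'Total Score: (\d+)')


def parse_line(line):
    """Return one ModSecurity event as a dict, or None for unrelated lines."""
    _, sep, body = line.partition("ModSecurity: ")
    if not sep:
        return None
    fields = dict(FIELD.findall(body))
    target = TARGET.search(body)
    score = SCORE.search(fields.get("msg", ""))
    return {
        "rule": fields.get("id"),
        "uri": fields.get("uri"),
        "request": fields.get("unique_id"),
        "target": target.group(1) if target else None,
        "denied": body.startswith("Access denied"),
        "score": int(score.group(1)) if score else None,
    }


def triage(log_text):
    """Group events by unique_id; return blocked requests with the rules that scored."""
    requests = {}
    for line in log_text.splitlines():
        ev = parse_line(line)
        if ev is None:
            continue
        req = requests.setdefault(
            ev["request"], {"uri": ev["uri"], "score": None, "denied": False, "hits": []})
        if ev["denied"]:
            # The 949110 event only reports the total; it is not itself a detection.
            req["denied"], req["score"] = True, ev["score"]
        elif ev["target"]:
            req["hits"].append((ev["rule"], ev["target"]))
    return [r for r in requests.values() if r["denied"]]


def scoped_exclusion(blocked, local_id=1000):
    """Build a URI-scoped exclusion that drops only the flagged rule/argument
    pairs; all other rules and all other URIs stay inspected.
    local_id is a placeholder: use an unused id from your own rule range."""
    uri = blocked["uri"]
    # The URI comes from a log, so refuse anything that is not a plain path.
    if not re.fullmatch(r"/[\w./-]+", uri or ""):
        raise ValueError("unexpected characters in logged URI")
    ctl = ",\\\n    ".join(
        f"ctl:ruleRemoveTargetById={rule};{target}"
        for rule, target in sorted(set(blocked["hits"])))
    return (f'SecRule REQUEST_URI "@beginsWith {uri}" \\\n'
            f'    "id:{local_id},phase:1,pass,nolog,\\\n    {ctl}"')


if __name__ == "__main__":
    for req in triage(SAMPLE_LOG):
        print(f'{req["uri"]} blocked, score {req["score"]}, rules {req["hits"]}')
        print(scoped_exclusion(req))
```

A rule like the generated one has to be loaded before the CRS rule files to take effect. It also removes inspection of that one argument on the theme editor URI, so the admin login is then the only control in front of an endpoint that writes PHP to disk.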
Posts: 35
Threads: 2
Joined: Jan 2013
2023-04-28, 08:54:18
(This post was last modified: 2023-04-28, 10:00:26 by leestwise.)
(2023-04-28, 07:52:05)islander Wrote: (2023-04-28, 07:15:22)leestwise Wrote: After wiping the website and loading only the base GS 3.3.18.1CE, the save of header.inc.php by the theme editor fails. After temporarily turning ModSecurity off, it succeeds. Here are the three log messages generated by ModSecurity:
...lee
Unfortunately, I don't think there is much that can be done; I am experiencing something similar with one of my providers.
Mod-Security is like a rule-based firewall that allows some actions and blocks others.
If you have a vps you can adjust these rules, but if you are on some sort of shared hosting, it is very doubtful that you will be able to.
So the only work-around is to either deactivate mod_sec when using themes, or just upload them via ftp.
From my understanding, there is a flag any time the server detects a file being saved which has php which can be run.
It flags it as danger, and will not allow it.
On a vps, you can adjust these rules to say that it is you, so it can ignore it.
But most vps are very expensive, so not really worth it for a small GS site.
Thank you for your help. I am perfectly happy with editing offline and uploading with FTP, but I certainly wanted to run the problem to ground. Thanks again for your help with doing that. It seems a shame not to be able to use the full functionality of the admin process—Oh, well.
Given your explanation about saving PHP files being a problem for ModSecurity, why does your SingleFileInstaller/Updater work without turning off ModSecurity (which is what I did)?
...lee
Posts: 35
Threads: 2
Joined: Jan 2013
Maybe my last question to Islander was missed:
Given your explanation about saving PHP files being a problem for ModSecurity, why does your SingleFileInstaller/Updater work without turning off ModSecurity?
...lee
Posts: 324
Threads: 5
Joined: May 2012
Sorry, no, I did not see your reply.
The file uploader is not mine. Maybe you are using Massive Admin theme?
Anyhow, modsecurity, in my experience, just catches php being saved in files. So if you have a theme or component, etc., regardless of the php code in it, it may be interpreted as a threat and blocks it from being saved. But it doesn't really care if you are uploading something. But this probably depends on how the host has set this up.
Posts: 1,927
Threads: 88
Joined: Apr 2010
For some reason, the thumbnail cropping function stopped working in PHP 8. I tried to persuade the neural network to help me, but even it couldn’t cope with the task.
Posts: 324
Threads: 5
Joined: May 2012
(2024-07-10, 09:54:52)Oleg06 Wrote: For some reason, the thumbnail cropping function stopped working in PHP 8. I tried to persuade the neural network to help me, but even it couldn’t cope with the task.
This never worked for me, even on versions prior to php8. And I have removed it from the core in CE. If someone can get this to work or has an alternative solution, I would be happy to add it back again.
Posts: 1,927
Threads: 88
Joined: Apr 2010
(2024-07-10, 17:35:24)islander Wrote: (2024-07-10, 09:54:52)Oleg06 Wrote: For some reason, the thumbnail cropping function stopped working in PHP 8. I tried to persuade the neural network to help me, but even it couldn’t cope with the task.
This never worked for me, even on versions prior to php8. And I have removed it from the core in CE. If someone can get this to work or has an alternative solution, I would be happy to add it back again.
In version 3.4 this works well.
Posts: 324
Threads: 5
Joined: May 2012
2024-07-10, 23:10:35
(This post was last modified: 2024-07-10, 23:11:38 by islander.)
I never used v3.4. Only a few quick looks to see if there was something new. I will look and see if this can be ported to CE. Thanks for the info.
Posts: 1,927
Threads: 88
Joined: Apr 2010
(2024-07-10, 23:10:35)islander Wrote: I never used v3.4. Only a few quick looks to see if there was something new. I will look and see if this can be ported to CE. Thanks for the info.
Fixes for thumbnail cropping. https://disk.yandex.ru/d/9mmOV_JjKrWtBQ