Hi, I would like to ask for a little help after a server change. I have already read this thread, but the problem seems to be somewhere else. Here is the situation:
My hosting account was transferred within the same provider to another server
I checked files and permissions - they are as they were when everything worked fine
.htaccess files remained unchanged
Two GS sites display fine, problems occur in /admin/ when editing files:
In GS 3.0 - when trying to edit a file, a GS page with 403.shtml appears (mysite.com/403.shtml)
In GS 2.03:
I can edit & save components without problems
When trying to edit a page, after pressing save, mysite.com/admin/changedata.php appears with "The requested URL /files/ was not found on this server" - though the file is in its place, as usual, with 0644 in the admin folder (0755).
(2016-01-22, 23:41:40)shawn_a Wrote: Xss filter or mod_sec on server blocking?
Check host logs and browser console
Thanks for the answer. I use Firefox, concerning XSS. I will check mod_sec, as at the moment I have no insight into the Apache config. As to the server log, errors appear in sets of three of a kind:
Code:
[Fri Jan 22 16:56:25 2016] [error] [client 188.146.4.234] File does not exist: /public_html/d/branford/admin/"http:, referer: http://mysite.com/admin/edit.php?id=index
[Fri Jan 22 16:56:25 2016] [error] [client 188.146.4.234] File does not exist: /public_html/d/branford/admin/"http:, referer: http://mysite.com/admin/edit.php?id=index
[Fri Jan 22 16:56:25 2016] [error] [client 188.146.4.234] File does not exist: /public_html/d/branford/admin/"http:, referer: http://mysite.com/admin/edit.php?id=index
[Fri Jan 22 16:56:24 2016] [error] [client 188.146.4.234] File does not exist: /public_html/d/branford/admin/"http:, referer: http://mysite.com/admin/edit.php?id=index
[Fri Jan 22 16:56:24 2016] [error] [client 188.146.4.234] File does not exist: /public_html/d/branford/admin/"http:, referer: http://mysite.com/admin/edit.php?id=index
[Fri Jan 22 16:56:24 2016] [error] [client 188.146.4.234] File does not exist: /public_html/d/branford/admin/"http:, referer: http://mysite.com/admin/edit.php?id=index
I also checked that uploading and deleting files through /upload.php works fine.
I enclose the PHP config.
Check your site URL in settings, see if it has some quotes or some shit in it.
Looks like it is trying to load your URL as a relative path somehow, maybe you have a php_self problem, check the page source and see what the form action is set to on page edit.
The form action is hardcoded to <form class="largeform" id="editform" action="changedata.php" method="post" accept-charset="utf-8" > so that is probably not the problem.
Maybe you have some htaccess rewrite, make sure you didn't put an htaccess in the wrong place. Try a fresh install, confirm it's working, copy over it to complete, that is the recommended method of moving stuff. Make sure you change your site URL properly. Check health check also.
Does your change actually get saved? Could be the redirect failing, can't really tell, the error doesn't say the full URL.
Right, I missed this one, it looks like a very obvious reason for the error. I'll try to track it from your hint. edit.php source looks fine, but thanks for pointing to this one:
2016-01-24, 00:35:15 (This post was last modified: 2016-01-24, 01:52:32 by Ampersand.)
(2016-01-24, 00:08:29)shawn_a Wrote: Maybe you have some htaccess rewrite, make sure you didn't put an htaccess in the wrong place. Try a fresh install, confirm it's working, copy over it to complete, that is the recommended method of moving stuff. Make sure you change your site URL properly. Check health check also.
Yes, I'll try to change .htaccess to default, so far I have just commented out what I could, but still no improvement.
Changed pages don't get saved. Server log is now clear, none of the server errors that I included above.
I'm considering a fresh install, but trying to avoid it for now. For the moment, please have a look at the health check, which I have just noticed. All lines are green except for one. If I understand well, it warns about the very .htaccess in the /data dir?
Situation report update:
I can create new pages. I can edit and save them.
I still can't edit pages created before my hosting account was moved to a new server by the provider.
Can it indicate a problem with ownership of the files? I have found I may be another victim of such a case.
2016-01-24, 05:30:03 (This post was last modified: 2016-01-24, 05:37:10 by Ampersand.)
Another insight: There is no difference between new pages and old ones created before the server change. The error from the first post appears only when a page contains the " character (the one with Shift, left of Enter). The ' character (the one without Shift, left of Enter) doesn't cause any error and pages save smoothly. And 99% of my pages contain ", therefore the error. As template files also contain lots of " and I can edit and save them without difference, the reason must be either in the edit.php or changedata.php contents or in the way POST variables are transferred between these two. What do you think Shawn?
2016-01-24, 06:45:24 (This post was last modified: 2016-01-24, 06:46:47 by Ampersand.)
Well, not sure now, as I can edit old template files, and all files, even old transferred ones, without quotation marks. Example from 3.1.2 that also behaves as above:
browser URL: mysite.com/d/tourist/admin/changedata.php
browser window: Forbidden
You don't have permission to access /d/tourist/admin/changedata.php on this server.
Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.
Error log from server:
Code:
[Sat Jan 23 21:31:59 2016] [error] [client 188.146.4.234] File does not exist: /public_html/403.shtml, referer: http://mysite.com/d/tourist/admin/edit.php?id=arrival_de&upd=edit-success&type=edit
[Sat Jan 23 21:30:48 2016] [error] [client 188.146.4.234] File does not exist: /public_html/403.shtml, referer: http://mysite.com/d/tourist/admin/edit.php?id=kontakt
[Sat Jan 23 21:30:00 2016] [error] [client 188.146.4.234] File does not exist: /public_html/403.shtml, referer: http://mysite.coml/d/tourist/admin/edit.php?id=alibi&upd=edit-success&type=edit
Page 'alibi' doesn't contain quotation marks, so it saved well, whereas 'kontakt' contains quotes.
Hosting provider confirmed mod_security on the new server, in a version updated (with different settings) compared to the older one.
After installing a fresh instance of GS 3.3.7 with no plugins and no fancy URLs, the situation is exactly the same.
Code:
[Sun Jan 24 13:31:09 2016] [error] [client 188.146.4.234] File does not exist: /public_html/403.shtml, referer: http://mysite.com/test/admin/edit.php?id=index
If this is caused by mod_security, it looks like it makes changedata.php inaccessible when strings in POST contain double quotes.
I have never encountered a filter that does this, but it makes sense.
It would be great if you could find out which mod_sec rule it is, they have numbers. And usually some log logs the hits in more detail.
If your host allows, you can do some htaccess fu and disable specific rules or all, etc.
Maybe enabling the entities setting in CKEditor will help, I think it does encoding on them.
And I would create that 403 file to quiet your logs a bit.
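As an added example (not from this thread and not GetSimple code), a small Python parser for the Apache error_log lines quoted above: it separates the "File does not exist: /public_html/403.shtml" noise (the ErrorDocument failing, grouped by the edit page it came from) from ModSecurity denial lines and pulls out the rule id shawn_a says to look for. The ModSecurity line and its rule id 999999 are constructed placeholders, and the bracketed field layout of that line is assumed from ModSecurity 2.x.

```python
import re
from collections import Counter

# Apache 2.2-style error_log line, in the shape quoted in this thread:
# [Sun Jan 24 13:31:09 2016] [error] [client 1.2.3.4] <message>, referer: <url>
LINE_RE = re.compile(
    r'^\[(?P<ts>[^\]]+)\] \[(?P<level>\w+)\] \[client (?P<client>[^\]]+)\] '
    r'(?P<msg>.*?)(?:, referer: (?P<referer>\S+))?$'
)
# ModSecurity 2.x appends bracketed key/value pairs to its denial line,
# e.g. [id "..."] [msg "..."] [uri "..."]; this regex picks those out.
KV_RE = re.compile(r'\[(id|msg|uri|file|line) "([^"]*)"\]')


def parse_line(line):
    """Split one error_log line into its fields; None if it does not match."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    rec = m.groupdict()
    rec["modsec"] = None
    if rec["msg"].startswith("ModSecurity:"):
        rec["modsec"] = dict(KV_RE.findall(rec["msg"]))
    return rec


def summarize(lines):
    """Bucket the log: missing 403.shtml hits by referer (the page that was
    being saved), ModSecurity denials by rule id, and everything else."""
    out = {"missing_403_by_referer": Counter(), "denials": [], "other": []}
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue
        if rec["modsec"] is not None:
            ms = rec["modsec"]
            out["denials"].append((ms.get("id"), ms.get("uri"), ms.get("msg")))
        elif rec["msg"].endswith("403.shtml"):
            out["missing_403_by_referer"][rec["referer"]] += 1
        else:
            out["other"].append(rec["msg"])
    return out


# Constructed sample: the first line is copied from the thread, the second is a
# made-up ModSecurity denial with a placeholder rule id (999999), not a real rule.
SAMPLE_LOG = [
    '[Sun Jan 24 13:31:09 2016] [error] [client 188.146.4.234] File does not exist: '
    '/public_html/403.shtml, referer: http://mysite.com/test/admin/edit.php?id=index',
    '[Sun Jan 24 13:31:09 2016] [error] [client 188.146.4.234] ModSecurity: Access denied '
    'with code 403 (phase 2). Pattern match "\\"" at ARGS:post-content. '
    '[file "/etc/modsecurity/placeholder.conf"] [line "1"] [id "999999"] '
    '[msg "CONSTRUCTED placeholder rule"] [hostname "mysite.com"] '
    '[uri "/test/admin/changedata.php"]',
]

if __name__ == "__main__":
    report = summarize(SAMPLE_LOG)
    for rule_id, uri, msg in report["denials"]:
        print(f"blocked {uri} by rule {rule_id}: {msg}")
    for ref, n in report["missing_403_by_referer"].items():
        print(f"{n}x missing ErrorDocument 403.shtml while saving from {ref}")
```

Run it against the real error_log (and the ModSecurity audit log, if the host exposes one) to get the rule id to quote when asking the provider to adjust it.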
2016-01-25, 04:28:30 (This post was last modified: 2016-01-25, 04:28:41 by Ampersand.)
My hosting provider "changed one of mod-security" rules and it solved the problem. I'll try to have your questions above answered, but at the moment I have no more details. Thanks for your patient assistance, Shawn, in pointing to the source of the problem. If you have any more questions, I'll try to answer as far as I have knowledge.
2016-04-06, 19:54:37 (This post was last modified: 2016-04-06, 19:58:45 by Brummbar.)
(2016-01-25, 05:46:06)shawn_a Wrote: Yeah I would like to create a wiki article on this
I can confirm the Mod_Security app rule blocking the update or creation of any element using double quotes in my particular case as well.
Content written with a single quote (') can be saved or created. Content written with a double quote (") cannot and will result in an error message as described by member Ampersand.
"Forbidden
You don't have permission to access changedata.php on this server."
My hosting service is namecheap.com. They have an info page that describes the Mod_Security error messages and behaviors that indicate this issue.
I will inquire as to the specific edit they will do, and then pass it along to help others in making a request to similar host services using Mod_Security.