[Solved] 404 on existing page edit/submit

[pupppet]

Out of nowhere my 1.7.1 site (php 5.2.13, no added modules) starting exhibiting a 404 issue.  When you attempt to apply/submit while editing an existing page, you get a 404.  This issue doesn't occur when you submit a new page.  Submitting in any other area of the admin is fine, no 404's.  The public view of the site is fine.  Error log doesn't show anything.  Any ideas?

[Dr.CSS]

That most times means your host has done something to the server w/o letting you know, look in system info page to see any yellow ! or red X...

[minneapolis_dan]

I just started experiencing this too. I'm not seeing any red X in the system info, but I do know that another CMSms site running on the same server is working fine, so I'm trying to figure out what happened. Trying to save any edits give me a 404 error.

[calguy1000]

Double check with your host to make sure that they haven't enabled mod_security

mod_security SUCKS. mostly because web hosts try to put in too tight of rules on it.

[baresi]

404 on mod_security must be really misconfigured, strict mod_security could give 500 errors and it happened to me a couple of years ago till, like calguy1000 says, I convinced the host to drop some rules.

[minneapolis_dan]

Thank you very much, mod_security was the issue. I asked the host to check, and they white-listed the rule that CMSms was triggering.

[calguy1000]

I M so smrt!!!,  I M so smrt!!!

S M R T 

i mean S M A R T 

[pupppet]

It turns out this was a mod_security problem for me as well, and like minneapolis_dan the web host white-listed the mod_sec rule to fix the issue.

[kermit]

this is what i use to temporarily get around the occasional (once every year or two) trigger of mod_security when posting something...  goes in htaccess

# Quick fix for posting errors when saving pages
# if mod_security catches a keyword in the page.
# uncomment when needed
#
#  SecFilterEngine Off
#  SecFilterScanPOST Off
#


the error shouldn't be a 404 when mod_security kicks in.. unless that's how the server admin set it up.. not really the right error for it to be triggering, as it's totally wrong for what actually happened.  i think a 403 or 500 error is more common (500 is what my servers use).

[calguy1000]

We don't support mod_security, it's EVIL, and stupid.

It's an HTTP firewall that is usually applied with blanket solutions (i've seen stupid things where the word 'select' wasn't allowed in a request, where it is perfectly valid for that word to be used in a search request.

Therefore, please verify that your problem is NOT related to mod_security before posting herre.