Hi all,
Not trying to do anything particularly complicated. I just want to paste a large (3 A4 pages) load of text in to a page.
I've tried directly pasting it in to FCK's screen and using the paste plain text or paste word options. I've also tried a different WYSIWYG editor but every time I get this error:
"An appropriate representation of the requested resource /cms/admin/editcontent.php could not be found on this server."
I've checked and double checked the text - it's plain text, there is no formatting of any sort - I'm stumped.
I managed to get some text in by pasting small sections at a time, but I've now hit a block (about 10 lines) that just refuses. Really can't figure this - any ideas please?
Greg.
Problems pasting text in
Re: Problems pasting text in
is the server running mod_security?
someone had the exact same problem about a month ago, it was mod_security thinking some of the content was not appropriate.
try narrowing the area down and then change some words until mod_security is happy or ask your hosting company to disable it..
hope this helps
someone had the exact same problem about a month ago, it was mod_security thinking some of the content was not appropriate.
try narrowing the area down and then change some words until mod_security is happy or ask your hosting company to disable it..
hope this helps
-
thing
Re: Problems pasting text in
Ok, I'll try that thanks.
However I did narrow it down to about 50 words and it still failed. Thing is I have 4 CMSMS sites with the same host company and have never hit this problem before.
Anyway, lets give it a bash - the tech guys at my host company are pretty helpful!
Thanks.
Greg
However I did narrow it down to about 50 words and it still failed. Thing is I have 4 CMSMS sites with the same host company and have never hit this problem before.
Anyway, lets give it a bash - the tech guys at my host company are pretty helpful!
Thanks.
Greg
-
thing
Re: Problems pasting text in
Hi,
Yep - this did have something to do with mod_security and it's been sorted.
However it's simply not possible to disable that ... whatever it is ... as it has something to do with stopping hacking attempts. Instead my host company tracked down the problem and commented out one exception which then allowed the edit attempt I was trying.
Job done.
Thanks!
Yep - this did have something to do with mod_security and it's been sorted.
However it's simply not possible to disable that ... whatever it is ... as it has something to do with stopping hacking attempts. Instead my host company tracked down the problem and commented out one exception which then allowed the edit attempt I was trying.
Job done.
Thanks!
Re: Problems pasting text in
Any chance you could find out just what they did so we may help others with similar problems?...
-
thing
Re: Problems pasting text in
No problem, but since it's all rather beyond my ken the best bet is I simply post the tech support reply here ...
---------
"Yes, its mod_security. I'm amazed that your developer suggested disabling it!
mod_security is basically a system that checks every page that is loaded into the webserver for hacking attempts and code injection exploits etc. As you can imagine, disabling this is not an option!
We can find out what the cause is though...
The page that triggered it was...
/cms/admin/editcontent.php?content_id=56&page=
The directive that picked it up was...
Access denied with code 406. Pattern match "(insert[[:space:]]+into.+values|select.*from.+[a-z|A-Z|0-9]|select.+from|bulk[[:space:]]+insert|union.+select|convert.+\\(.*from)" at POST_PAYLOAD
Essentially this rule is there to stop an SQL injection attack.
Your script allows a third party to use "editcontent.php" in a browser to directly update the database. Potentially, someone could hack into your site simply by typing stuff into their browser's address bar. However - I'm guessing that editcontent.php can only be accessed via the admin area and so is password protected. As such, it cant be used to do any damage.
Therefore I will comment out that particular rule from the config. It should work fine now. "
---------
That's verbatim - the whole thing. What ever it is they did, it fixed it! Oh the page id was just one of my site pages, of course.
And the problem occurred after I'd successfully pasted in about 150 words. Have a look here http://thelaymaster.com/cms/index.php?p ... conditions - I managed to paste in to item 8 then no matter how small an amount of text I tried (down to a few words) it wouldn't let me go further.
Hope this helps someone!
Good luck all.
Greg
---------
"Yes, its mod_security. I'm amazed that your developer suggested disabling it!
mod_security is basically a system that checks every page that is loaded into the webserver for hacking attempts and code injection exploits etc. As you can imagine, disabling this is not an option!
We can find out what the cause is though...
The page that triggered it was...
/cms/admin/editcontent.php?content_id=56&page=
The directive that picked it up was...
Access denied with code 406. Pattern match "(insert[[:space:]]+into.+values|select.*from.+[a-z|A-Z|0-9]|select.+from|bulk[[:space:]]+insert|union.+select|convert.+\\(.*from)" at POST_PAYLOAD
Essentially this rule is there to stop an SQL injection attack.
Your script allows a third party to use "editcontent.php" in a browser to directly update the database. Potentially, someone could hack into your site simply by typing stuff into their browser's address bar. However - I'm guessing that editcontent.php can only be accessed via the admin area and so is password protected. As such, it cant be used to do any damage.
Therefore I will comment out that particular rule from the config. It should work fine now. "
---------
That's verbatim - the whole thing. What ever it is they did, it fixed it! Oh the page id was just one of my site pages, of course.
And the problem occurred after I'd successfully pasted in about 150 words. Have a look here http://thelaymaster.com/cms/index.php?p ... conditions - I managed to paste in to item 8 then no matter how small an amount of text I tried (down to a few words) it wouldn't let me go further.
Hope this helps someone!
Good luck all.
Greg
Re: Problems pasting text in
thing wrote:
"Yes, its mod_security. I'm amazed that your developer suggested disabling it!
Mod security is one of the tools that can be used correctly or incorrectly, correct use will make server more secure but incorrect use just gives false feeling of security.
and the disabling part in my post was for debugging this error.
Glad to hear you (and your hosting) got it worked out.
-
thing
Re: Problems pasting text in
Thanks.
Bear in mind that was their comment, not mine. I'm sure they meant no offence as they didn't know the manner, or reason, you suggested it's disabling!
I think they are also over-cautious due to a recent spate of DOS attacks and what-have-you on several of their accounts. Assuming disabling this mod_security thing would have been server wide for the particular server my site is on I can understand their reticence.
All the best mate. Hopefully my experiences will lead to others have similar solutions if they face the same problem! Of course that relies on their host company being helpful - man I'm glad this site wasn't hosted on an Iomart server
Greg
Bear in mind that was their comment, not mine. I'm sure they meant no offence as they didn't know the manner, or reason, you suggested it's disabling!
I think they are also over-cautious due to a recent spate of DOS attacks and what-have-you on several of their accounts. Assuming disabling this mod_security thing would have been server wide for the particular server my site is on I can understand their reticence.
All the best mate. Hopefully my experiences will lead to others have similar solutions if they face the same problem! Of course that relies on their host company being helpful - man I'm glad this site wasn't hosted on an Iomart server
Greg
