CMS Made Simple Forums

Can somebody help me with this problem. Cmsms installed perfectly and most functions works fine. I can also log in into the admin page but some functions seems not to work. When I modify a template and press on the submit button the browser returns
Bad Request
Your browser sent a request that this server could not understand.
Apache/2.2.0 (Fedora) Server at www.ferrydewit.nl Port 80

The url is http://www.ferrydewit.nl/admin/addtempl ... _=0c39d257

Also when I press the test button to test permissions "File Creation Mask (umask)" the browser returns the bad request pages. Url is:
http://www.ferrydewit.nl/admin/sitepref ... _=0c39d257.

Can somebody help me to solve this? I use fedora 10 wich is installed as a server.

regards,

Ferry

Just had the same problem in Fedora 10. The reason is a rule in mod_security. You might want to check your apache error log for entries like:

[error] [client 127.0.0.1] ModSecurity: Access denied with code 400 (phase 2). Pattern match "(?:\\bhttp\\/(?:0\\.9|1\\.[01])|<(?:html|meta)\\b)" at ARGS:content. [file "/etc/httpd/modsecurity.d/modsecurity_crs_40_generic_attacks.conf"] [line "213"] [id "950911"] [msg "HTTP Response Splitting Attack"] [data "<__html"] [severity "ALERT"] [hostname "localhost"] [uri "/cmsmadesimple/admin/edittemplate.php"] [unique_id "SX4HiH8AAAEAABJDAOAAAAAF"]

I will but you have to wait a moment. I am reinstalling te server. Do you have a solution?

I edited the file etc/httpd/modsecurity.d/modsecurity_crs_40_generic_attacks.conf and commented out the corresponding rules (around line 213).

After reinstalling fedora and reinstalling cmsms everything seems to work fine. No errors or what so ever. Thanks anyway for your help.

Regards,

Ferry

If it is [solved] please mark it as so...