100%
mod_security setup Support Request
mod_security (http://www.modsecurity.org/) is an open source intrusion detection and prevention engine for web applications. It can also be called a(n) web application firewall. It operates embedded into the web server, acting as a powerful umbrella,…
Published by village_idiot on 2006-05-21
100%
Fix for Server Error 500 on uploading images to b2evolution hosted on CentOS with mod-security Support Request
Niltze, b2evolutioners--
A recent yum update to a CentOS instance with predefined modsecurity rules caused a subsequent Server Error 500 whenever b2evolution user attempted to upload images for her/his post in b2evolution 5.0.5.
Analyzing the Apache /…
Published by nanahuatl on 2013-08-15
100%
Allowing URLs in comments Support Request
I'm using 5.0.5-stable but hope to upgrade to the latest version soon. My issue is that my web host has set modsecurity so that I can't allow people to post URLs in the comments. This means any URLs in the "website" field will cause a…
Published by fredsy on 2014-07-12
50%
Registration Spam Comment
http://forums.b2evolution.net/viewtopic.php?t=7915&highlight=modsecurity registration spam is just a nuisance, imo, as it's impossible in the latest version to comment until the email has been validated. That said, seeing the registrations irritates…
Published by village_idiot on 2006-06-13
50%
I figured out the problem. I had to disable modsecurity for the site.
Published by area51 on 2006-10-10
50%
Problema con el link de Contacto Comment
Ask your host to disable ModSecurity for that page, or edit /skins/_msgform.disp.php ¥
Published by yabba on 2010-07-08
50%
Problema con el link de Contacto Comment
Nada, ya borre la linea: $Form->hidden( 'redirect_to', url_rel_to_same_host($redirect_to, $htsrv_url) ); Y sigue el problema, tambien en el ModSecurity puse: SecFilterScanPOST Off o SecFilterEngine Off ke mas puedo hacer
Published by lphn on 2010-07-08
50%
403 error when using admin Comment
It was mod_security doing the blocking, and after 3 attempt locking me out. Anyway, the error given is below so you can see what b2evo was doing - maybe it can be patched fron the inside?;
Published by gcotgreave on 2011-01-30
50%
Voici le message d'erreur tiré du error_log: [Fri May 25 20:08:34 2012] [error] [client 173.178.28.15] ModSecurity: [file "/etc/httpd/modsecurity.d/10_asl_rules.conf"] [line "680"] [id "340160"] [rev "21"] [msg…
Published by polaire on 2012-05-26
50%
Thanks, Francois, is it. It seems sorted now. My host is voosevers.com Can you give it a try now I think I have got it working with a few changes to modsecurity. I will now try and install my old database over the default and see how that runs. Thanks…
Published by amoun on 2013-04-04
50%
Checking logs, I found the error: [:error] [pid 31333] [client xxx.xxx.xxx.xxx ModSecurity: Audit log: Failed to create subdirectories: /usr/local/apache/logs/modsec_audit/xxxxxxxxx/20151009/20151009-1419 (Permission denied) [hostname…
Published by jjthomas on 2015-10-10
50%
Niltze all- Engine X (Nginx) accepted my b2evolution pull request, so now b2evolution recipe is at: https://www.nginx.com/resources/wiki/start/topics/recipes/b2evolution/ Please note that the configuration file works best when setting up an actual…
Published by nanahuatl on 2019-10-04
50%
@northlight wrote earlier: I am wondering why a tool such as Wordpress is expanding - despite all its disadvantages - while B2E is widely unknown. Although some of us, independently, have been promoting b2evolution, i.e., I submitted a starting point…
Published by nanahuatl on 2021-01-25
50%
This is likely not to be a b2evolution issue but a hosting one relating to ModSecurity Try disabling ModSecurity via cpanel for example, temporarily, then ask your host to white list the issue. I have had this numerous times since moving host. Some…
Published by amoun on 2021-04-11
50%
@saunders wrote earlier: Hello, Today, while looking at the analysis results, I discovered an idiosyncratic hack attempt (see Fig. 1) - It is likely to be a java injection. (alert(String.fromCharCode(88,83,83)) ) via ?disp=>…
Published by nanahuatl on 2022-11-25
50%
@saunders wrote earlier: Hello, Today, while looking at the analysis results, I discovered an idiosyncratic hack attempt (see Fig. 1) - It is likely to be a java injection. (alert(String.fromCharCode(88,83,83)) ) via ?disp=>…
Published by nanahuatl on 2022-11-28
50%
Cannot Log into admin.php Support Request
My b2evolution Version: Not Entered Hi, I'm sorry for creating a new post but all my searches didn't help my problem. OK, so I have been using my website for quite a while. Updated it not long ago at a net cafe. Now for some reason whenever I try to…
Published by crazyjadles on 2007-09-17
50%
b2evolution 6.10.7 on nginx 1.15.9 and 1.15.11 Support Request
Niltze all- After much experimentation and frustration at coming up with a base configuration for b2evolution 6.10.7 on Nginx, I came up with the subsequent resource. I used that as a base for a migration away from my own build of Apache 2.4.29 to my…
Published by nanahuatl on 2019-04-15