Guessing you have urmm ... bugger .. some apache thing ... urm mod_security installed? Either that or you're running on IIS ?

If it's IIS :
IIRC, it's to do with relative redirects you can cure it by finding the header_redirect() function and uncommenting the absolute redirect code

If it's mod_security ( or whatever it's called ... it's been a *very* long day ) :
Either search for a post by whoo about how to disable it or hope like hell the above fix also works

If it's neither :
Good luck :D

¥

It's Apache, and it's hosted, so if indeed it is something that I cannot cover off via my own subdirectory .htaccesses or somewhere in the B2E code, then I might be in some serious trouble!

I'll give the header_redirect() function a try later tonight once I'm out from behind the corporate firewall, and see whether I can tell from CPanel whether mod_security is around.

If it does turn out to be mod_security, then I thank you for pointing me in that direction. I found this relevant page: http://www.village-idiot.org/tag/mod_security/page/3/

They say:

A few folks are rambling on about mod_security and what it is doing to their ability to post content to their blogs.

...and their idea for solving it is:

The solution is simpler than you think -

Create an .htaccess and put the following into it:

SecFilterInheritance Off

Upload that .htaccess into the admin area of your blog. For WP users, that's /wp-admin, for b2e users that's /admin …

That looks even more promising!

I'll post the success or failure story later on.

Thanks,

-- Ritchie

/I feel stupid without the Internet

That's the idiot I was looking for, glad you found her ;)

With a tad of luck I'll be a smidge more compis ... compes ... compess ... ack, that latin stuff for "a smidge less brain dead" ... it really has been a long day ... anyway, with a tad of luck I'll be a smidge more that if you still have problems by then ;)

¥

Adding in the "SecFilterInheritance Off" worked like a treat!

Thank you! (And the village idiot! :)

It worries me a little bit, though, because admin.php itself is fairly high up in the tree. Am I leaving myself open for spammed registrations this way?

-- Ritchie

I'm pretty sure you can turn it off on a per file basis, but I'm still brain dead ( but at least the new roof is on :D ) so you'd need to google again.

Also, you can add an htaccess to all subfolders re-enabling it ( comments/registration/trackbacks/et al go via /htsrv/ )

¥

*sigh* My web host has just done something to disable SecFilterInheritanceOff. I can tell, because if I hash-comment out the line in .htaccess, I no longer get a Server Error 500.

How the heck are we supposed to work with things like b2evolution under these sorts of restrictions?!