
1 Apr 03, 2019 22:31    

urls in excerpt stopped post from being saved

Hi

I came across this weird issue in trying to update a post https://calstock.org.uk/vow.php/alcohol/rum

It would not save; I get a 403.

I tried other posts and pages, all of which I could edit.

I removed the content in case there was an issue, all it had was 4 URLs - no luck.
So I deleted the extract that had been automatically created, that's it - saved fine. But of course it re-entered the extract so next time it wouldn't save :) so I have had to uncheck the 'Auto-generate excerpt from content' option.

This was the problem extract

https://www.vinceremos.co.uk/product/organic-golden-rum-papagayo/
https://www.caribjournal.com/2016/12/09/first-organic-rum/#
https://www.klwines.com/Products/i?i=1054912

I didn't try with just one URL or a simpler one etc.

2 Apr 04, 2019 10:32

That 403 error you show is NOT generated by b2evolution but by something else which seems to block the request before b2evolution starts to execute.

3 Apr 04, 2019 10:40

Hello,

The following frequent issues seem to apply to your post: (This is a semi-automated response):

  • The error screen you show is not generated by b2evolution. It seems to be generated by the webserver (apache...) or a security module of the webserver that blocks the request before b2evolution even has a chance to start executing.

(Just trying out the semi automated response plugin ;)

4 Apr 04, 2019 11:38

OK, just to clarify,
1) the 403 error page is mine and in the root with b2evo
2) I am about to chat to the hosts; it may be related to a mod_security rule, as was
https://forums.b2evolution.net/editing-demo-user-profile

Just checked the issue again

Ensured the text in the post was without line breaks and copied and pasted to excerpt, then got the 403, so the way the excerpt is passed is different than the way a post is passed and must somehow cause a security concern.

5 Apr 04, 2019 11:45

Sorted by host.
A mod_security rule it was, again

msg "Atomicorp.com WAF Rules: Remote File Injection attempt in ARGS (admin.php)"

But why does it happen with specific text in the excerpt when the same text in the post is fine? It seems that it has something to do with admin.php being used in the case of the excerpt, whereas it may not be used in updating the post text ???

6 Apr 04, 2019 23:03

Click on mod_security and read what we have to say about it :p

7 Apr 06, 2019 12:16

Hi
Thanks

Did I see somewhere in 6.11. the option to change admin to &*&^)

Added $admin_url configuration variable for those who want to move/rename the admin.php file.
So with no admin.php it could be fine?

9 Apr 07, 2019 17:00

OK :0

But is it necessary in the first place to use admin.php as in : why is it invoked in the case of sending [excerpt text data] but not [post text data]

or is it used in both but somehow the mod_security sees them as different? What is transferred with the excerpt that could trigger the mod_security?

Think I'm caught in a loop here and repeating myself :(

10 Apr 07, 2019 17:41

It is used in all cases and I think very lowly of mod_security.

11 Apr 07, 2019 17:44

So mod_security must pick up on something. I'll try and get the host to give me more detail. Thanks
UPDATE: That's it. No more detail :(
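
An added example, not part of the thread and not b2evolution or Atomicorp code: the detail the thread is missing (which request argument the rule matched) is recorded in the ModSecurity denial line of the web server's error log. This sketch parses such lines and counts denials by rule id, URI and matched variable; the log lines are constructed, and the rule id, pattern, file path, client address, hostname and the parameter name `excerpt_field` are placeholders.

```python
import re
from collections import Counter

# Constructed sample in ModSecurity 2.x / Apache error-log layout. Rule id,
# pattern, path, client, hostname and parameter name are placeholders.
MSG = "Atomicorp.com WAF Rules: Remote File Injection attempt in ARGS (admin.php)"
DENY = ('[Thu Apr 04 11:4{n}:02.101010 2019] [:error] [pid 4242] '
        '[client 203.0.113.7:51234] ModSecurity: Access denied with code 403 '
        '(phase 2). Pattern match "PLACEHOLDER" at ARGS:{arg}. '
        '[file "/path/to/rules.conf"] [line "10"] [id "000000"] '
        '[msg "' + MSG + '"] [hostname "blog.example"] [uri "/admin.php"]')
SAMPLE_LOG = "\n".join([
    DENY.format(n=0, arg="excerpt_field"),
    "[Thu Apr 04 11:41:10.000000 2019] [core:notice] [pid 1] unrelated line",
    DENY.format(n=2, arg="excerpt_field"),
])

DENIED_RE = re.compile(r"ModSecurity: Access denied with code (\d+)")
# Trailing metadata is written as [key "value"] pairs.
FIELD_RE = re.compile(r'\[(\w+) "((?:[^"\\]|\\.)*)"\]')
# The matched variable follows " at ", e.g. "at ARGS:name." or "at REQUEST_URI."
TARGET_RE = re.compile(r"\bat ([A-Z_]+(?::[^\s.]+)?)\.")


def parse_denial(line):
    """Return the rule id, message, URI and matched variable, or None."""
    denied = DENIED_RE.search(line)
    if not denied:
        return None
    fields = dict(FIELD_RE.findall(line))
    target = TARGET_RE.search(line)
    return {
        "status": int(denied.group(1)),
        "target": target.group(1) if target else None,
        "id": fields.get("id"),
        "msg": fields.get("msg"),
        "uri": fields.get("uri"),
    }


def summarize(log_text):
    """Count denials per (rule id, uri, matched variable)."""
    counts = Counter()
    for line in log_text.splitlines():
        hit = parse_denial(line)
        if hit:
            counts[(hit["id"], hit["uri"], hit["target"])] += 1
    return counts


if __name__ == "__main__":
    for key, n in summarize(SAMPLE_LOG).items():
        print(n, key)
```
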

