On Friday 27 March 2009 13:24:20 Christian Ridderström wrote:
> On Thu, 26 Mar 2009, Christian Ridderström wrote:
> > Here's what I found in the error log:
> >
> > [Thu Mar 26 00:18:34 2009] [error] [client 201.38.240.167] ModSecurity:
> > Access denied with code 400 (phase 2). Pattern match
> > "\\\\%(?!$|\\\\W|[0-9a-fA-F]{2}|u[0-9a-fA-F]{4})" at ARGS:text. [id
> > "950107"] [msg "URL Encoding Abuse Attack Attempt"] [severity "WARNING"]
> > [hostname "wiki.lyx.org"]
> > [uri "/LyX/LyxFunctions?action=edit"] [unique_id
> > "t-bZsNTJRSsAAFdQ568AAAAB"]
>
> Further investigations indicate that the problem is that mod_security
> detects a '%' in one of the POSTed arguments, i.e. the argument that
> contain the wiki markup for the page.
>
> This means that with the current configuration of ModSecurity, it will
> protest whenever you try to save a page containing a '%' in the markup.
> *sigh*
>
> ModSecurity is presumably there for a reason.. so: Does anyone have any
> experience on how to deal with this kind of situation? Or simply ideas?Please see : http://pmwiki.org/wiki/PmWiki/Troubleshooting#mod_security You can also search the mailing list archives : http://search.gmane.org/?query=mod_security&group=gmane.comp.web.wiki.pmwiki.user This is a frequent question, and unfortunately sometimes nothing can be done. A hosting provider using mod_security to block percents is overly paranoid, and their competence can be questioned. You need to add percent signs, both to use PmWiki's %style% markup, and to link to some external sites like Wikipedia. And most likely other software (wiki, blogs, CMS) will also have problems. Thanks, Petko _______________________________________________ pmwiki-users mailing list [email protected] http://www.pmichaud.com/mailman/listinfo/pmwiki-users
