Error 406

More
11 years 8 months ago #34744 by AndreyS
Replied by AndreyS on topic Error 406
I have the latest version of the component.
The system is well protected and free from viruses.
Error 406 occurs in Chrome and Internet Explorer at 3 different sites.
But they are all on the same host.

So the conclusion is this: of the FLEXIcontent module mod_security perceived as malicious.

It is unfortunate that this occurs with FLEXIcontent, not with K2, ContentBuilder, Cobalt and other. :(

Please Log in or Create an account to join the conversation.

More
11 years 8 months ago #34756 by ggppdk
Replied by ggppdk on topic Error 406

It is unfortunate that this occurs with FLEXIcontent, not with K2, ContentBuilder, Cobalt and other.


How is this relevant ?? at all, :shock:
i could make mod_security rules to match any web software as malicious, what would that mean ??? 10 rules to match K2, 10 rules to match ContentBuilder, etc

Maybe I was mis-understood, i ll try to be more detailed bellow

1. the problem is not with FLEXIcontent
but with a mod_security rule that make a false positive

2. the creators of mod_security describes exactly this

3. A FALSE-POSITIVE is when a matching rule wrongly matches something that was not meant to be matched,

4. Many well know software web or desktop have been matched as virus by mod_security or anti-virus programs, this is the definition of a FALSE-POSITIVE

5. Despite the fact that this is not a FLEXIcontent issue at all , but problem with a --CUSTOM-- mod_security rule installed in server, we are willing to work with you to find what is happening , but to fix what????
guess your custom mod_security rule out of million combinations ? How could that be possible?

6. We install FLEXIcontent on SHARED servers of well-known provider that hosts millions of sites, they do not have the custom mod_security rule that you have.

In short
a. it is the responsibility of the rule maker to make rules that do not create false positives !!

b. despite the above we are willing to look into this,
but please look at the logs to find the rule that was matched and ask your administrator to fix it, also if this rule is important we will try to change FC code so that it will not be matched,

it could be as simple as adding a space into our code that will prevent the rule from being matched, (and if this mod_security rule is important or very common we are willing to do it)

but please tell us the rule that was matched !!

thank you so match for taking time to read the above

Best Regards


-- Flexicontent is Free but involves a big effort on our part.
Like the our support? (for a bug-free FC, despite having a long list of functions) Like the features? Like the ongoing development and future commitment to FLEXIcontent?
-- Add your voice to the FLEXIcontent JED listing with a 5-star...

Please Log in or Create an account to join the conversation.

More
11 years 8 months ago #34759 by AndreyS
Replied by AndreyS on topic Error 406
Okay, I'll try to find a provider that causes an error in the module mod_security.
In the worst case, I will ask him to turn off the module and have a look whether the component is correctly working.

Thank ggppdk for wanting to help!

Please Log in or Create an account to join the conversation.

More
11 years 8 months ago #34760 by ggppdk
Replied by ggppdk on topic Error 406
Yes but you do not need to turn off the module

e.g.
- if you have 20 rules you may turn off only 1 of them (or modify this rule to be more "smart")

- also if this rule is common or important , we are willing to examine changes to our code so that the false-positive

So it would help us (you and other that may have similar mod_security rule) to know which rule was match
please ask administrator to copy-paste and send you a few lines out of apache log that tell which rules was trigger and what text was matched

Best Regards


-- Flexicontent is Free but involves a big effort on our part.
Like the our support? (for a bug-free FC, despite having a long list of functions) Like the features? Like the ongoing development and future commitment to FLEXIcontent?
-- Add your voice to the FLEXIcontent JED listing with a 5-star...

Please Log in or Create an account to join the conversation.

More
11 years 8 months ago #34763 by AndreyS
Replied by AndreyS on topic Error 406
That is the problem that the provider can not change any of the rules. It can only disable the module completely. I would request you remove it to make sure 100% that the problem mod_security.

But I understand you! First know that there they have a rule set!

Thanks for the clarification!

Please Log in or Create an account to join the conversation.

More
11 years 8 months ago #34765 by ggppdk
Replied by ggppdk on topic Error 406
Ok they cannot change the rules, OK

but they can look at the log and copy-paste the rule that was matched , and then you will tell us, and if this is common rule
we could change FLEXIcontent code so that it is not matched.

Please if possible ask them to send you the log that was matched.

e.g. if you triggered the rule at about 7:36, you could tell them the rule was trigger at about 7:36 and they will find and copy-paste the relevant log lines

Thanks


-- Flexicontent is Free but involves a big effort on our part.
Like the our support? (for a bug-free FC, despite having a long list of functions) Like the features? Like the ongoing development and future commitment to FLEXIcontent?
-- Add your voice to the FLEXIcontent JED listing with a 5-star...

Please Log in or Create an account to join the conversation.

Moderators: vistamediajoomlacornerggppdk
Time to create page: 0.382 seconds
Save
Cookies user preferences
We use cookies to ensure you to get the best experience on our website. If you decline the use of cookies, this website may not function as expected.
Accept all
Decline all
Essential
These cookies are needed to make the website work correctly. You can not disable them.
Display
Accept
Analytics
Tools used to analyze the data to measure the effectiveness of a website and to understand how it works.
Google Analytics
Accept
Decline