1
LOKI2006
Re: Where are the constants set?
  • 2009/10/1 17:27

  • LOKI2006

  • Just popping in

  • Posts: 4

  • Since: 2006/6/8 2


You're right, I use French.

That must be the problem.

Thanks for your time.



2
LOKI2006
Re: Where are the constants set?
  • 2009/10/1 15:52

  • LOKI2006

  • Just popping in

  • Posts: 4

  • Since: 2006/6/8 2


Well...I have exactly the same errors since I upgraded to XOOPS 2.3.3b.

And it is really frustrating, as I can't see anymore my custom block (nor edit them) in the blocks admin menu, while they are displaying correctly on the site.

Quote:

System Overview «
XOOPS Version - XOOPS 2.3.3b
PHP Version - 5.2.5
MySQL Version - 5.0.81-community-log
Server API Version - apache
OS Version - Linux

safe_mode - Off
register_globals - Off
magic_quotes_gpc - On
allow_url_fopen - On
fsockopen - On
allow_call_time_pass_reference - On
post_max_size - 8M
max_input_time - 60
output_buffering -
max_execution_time - 60
memory_limit - 48M
file_uploads - On
upload_max_filesize - 16M



3
LOKI2006
Re: SEO hack for CBB v3.08
  • 2008/6/18 12:49

  • LOKI2006

  • Just popping in

  • Posts: 4

  • Since: 2006/6/8 2


It did not save my life, but at least it saved my week.

I was struggling for a few days with this blank page problem, and then I discovered your great hack.

Nice job.

Thanks a lot.



4
LOKI2006
Re: Forbidden error all of a sudden......
  • 2007/6/6 13:33

  • LOKI2006

  • Just popping in

  • Posts: 4

  • Since: 2006/6/8 2


I had a different problem with the mod_security.

After moving my website to a new hosting company, I was no more able to change templates or to modify my footer.

I did not get any error message, even after having turned on the debug mode.

I contacted the tech support and got the server log:

Quote:

[Wed Jun 6 05:22:29 2007] [error] [client 195.93.102.4] mod_security: Warning. Pattern match "phpsessid" at ARGS_VALUES("xoops_redirect") [msg "XSS attack"] [severity "EMERGENCY"] [hostname "www.destination-casino.com"] [uri "/user.php"]
[Wed Jun 6 09:56:09 2007] [error] [client 195.93.102.4] mod_security: Warning. Pattern match "phpsessid" at ARGS_VALUES("xoops_redirect") [msg "XSS attack"] [severity "EMERGENCY"] [hostname "www.destination-casino.com "] [uri "/user.php"]
[Wed Jun 6 11:30:10 2007] [error] [client 206.53.62.20] mod_security: Access denied with redirect to [/]. Pattern match "<(.|\\\\n)+>" at POST_PAYLOAD [severity "EMERGENCY"] [hostname "destination-casino.com"] [uri "/index.php"]
[Wed Jun 6 11:30:20 2007] [error] [client 206.53.62.20] mod_security: Access denied with redirect to [/]. Pattern match "<(.|\\\\n)+>" at POST_PAYLOAD [severity "EMERGENCY"] [hostname "destination-casino.com"] [uri "/modules/index.php"]
[Wed Jun 6 11:30:31 2007] [error] [client 206.53.62.20] mod_security: Access denied with redirect to [/]. Pattern match "<(.|\\\\n)+>" at POST_PAYLOAD [severity "EMERGENCY"] [hostname "destination-casino.com"] [uri "/modules/news/index.php"]
[Wed Jun 6 12:36:23 2007] [error] [client 195.93.102.4] mod_security: Warning. Pattern match "phpsessid" at ARGS_VALUES("xoops_redirect") [msg "XSS attack"] [severity "EMERGENCY"] [hostname "www.destination-casino.com "] [uri "/user.php"]
----------------


These were the errors generated when trying to edit the tplsource table from PhpMyAdmin.

Looks like the \\\n in the tplsource were considered as an XSS attack

I included the following lines (found on this topic)
<IfModule mod_security.c>
    
SecFilterEngine Off
    SecFilterScanPOST Off
</IfModule>


and everything is back to normal

Thank you Martyboy




TopTop



Login

Username:
Password:

Lost Password? Register now!

Who's Online

58 user(s) are online (24 user(s) are browsing Support Forums)


Members: 0


Guests: 58


more...

Donat-O-Meter

Stats
Goal: $100.00
Due Date: Jun 30
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits