2006-01-24, 12:00 AM
Not sure if this is a bug or if something just went wrong...
I get a 404 error when I try to expand the UserCP templates (in the AdminCP).
I get a 404 error when I try to expand the UserCP templates (in the AdminCP).
2006-01-24, 12:00 AM
2006-01-24, 05:27 AM
Duplicate.
it is not a bug. you can contact your host administrator. it is in result of security policy of host administration
it is not a bug. you can contact your host administrator. it is in result of security policy of host administration
2006-01-24, 06:01 PM
Moved to general support.
2006-01-24, 06:07 PM
imei Wrote:Duplicate.Could you possibly be more specific? Why would I be able to edit some of the templates but not others?
it is not a bug. you can contact your host administrator. it is in result of security policy of host administration
2006-01-24, 06:19 PM
your host security modules are sensetive to some words.
my host for example dont accept ant POST that have "uname -a" string.
some days ago one other report this and one of devs(i forget him) say guess that it was usercp template. he gessed true and after that we know that it is security policy of host.
you may(may) can access to this template with some altering. i could post uname -a with two spaces. you may can do same.
my host for example dont accept ant POST that have "uname -a" string.
some days ago one other report this and one of devs(i forget him) say guess that it was usercp template. he gessed true and after that we know that it is security policy of host.
you may(may) can access to this template with some altering. i could post uname -a with two spaces. you may can do same.
2006-01-24, 09:09 PM
Does anyone know what command this is trying to run?
2006-01-24, 09:24 PM
Message from my host:
The rules we have in place in mod_security are there because of problems in the past with insecure bulletin board software such as phpBB. I guess that your software is similar in some regard and that is why mod_security is blocking it. Perhaps you should see if there is a workaround that does what you are trying to do without opening up the security holes that allowed phpBB to be exploited?
Thanks.
The rules we have in place in mod_security are there because of problems in the past with insecure bulletin board software such as phpBB. I guess that your software is similar in some regard and that is why mod_security is blocking it. Perhaps you should see if there is a workaround that does what you are trying to do without opening up the security holes that allowed phpBB to be exploited?
Thanks.
2006-01-25, 04:43 AM
BaselineAce Wrote:Message from my host:I realy didn't find any sensetive command in user cp expanding template. i am likely sure that there is in result of checking URL. but may i mistake. you can check it your self.[ my host has not this problem] copy sensetive URL and delete folder of admin form it and let it execute.
The rules we have in place in mod_security are there because of problems in the past with insecure bulletin board software such as phpBB. I guess that your software is similar in some regard and that is why mod_security is blocking it. Perhaps you should see if there is a workaround that does what you are trying to do without opening up the security holes that allowed phpBB to be exploited?
Thanks.
i mean for example if you face error in executing thi url:
http://www.myimei.com/forum/admin/templa...rcp#usercp
make it this way:
http://www.myimei.com/forum/templates.ph...rcp#usercp
[admin folder deleted from url]
and see result. file not found or forbiden error shows?
imei