Error 406

12 years 10 months ago #34590 by rottenberg
Error 406 was created by rottenberg
hello
I have had problems with the error 406 with FC.

I have added in my .htaccess the order to inhibit the security check and it was working.

I have a new site with a new provider. The htaccess was not installed.

I've got the 406 error after updating an article in FC.

After the error 406 I got some information from the provider which may perhaps help to find the origin of the problem:

The message sent by the provider:

Je viens de débloquer votre IP et j'ai trouvé la cause, cela viens bien du mod_security qui prend votre module tiny_mce comme une attaque SQL Injection,

English translation:
I've just unblocked your IP address. I have found the origin. The mod_security thinks that your module tiny_mce is a SQL injection attack.

May it help to find the problem of error 406

best regards
Michel

12 years 10 months ago #34593 by ggppdk
Replied by ggppdk on topic Error 406
Could it be that your local workstation and as a result it really tries to make an SQL injection to the site?

Did you add some text like 1=1 5=5 or something similar in your text?

Please send me a PM with admin login and tell which item to edit and save, or what to do that for you cause error 406.

Regards


-- Flexicontent is Free but involves a big effort on our part.
Like our support? (for a bug-free FC, despite having a long list of functions) Like the features? Like the ongoing development and future commitment to FLEXIcontent?
-- Add your voice to the FLEXIcontent JED listing with a 5-star review. Thanks!

12 years 10 months ago #34614 by rottenberg
Replied by rottenberg on topic Error 406
Presently the provider has created a rule to trigger error 406.

I'm contacting him to create a space like it was at the moment I've got the error last week.

Once done, I will create a test site and give you the access as super admin.

I contact you when it's ready

best regards

Michel

12 years 10 months ago #34736 by AndreyS
Replied by AndreyS on topic Error 406
Hi developers!
Great Components, guys! Seen anything like it!

But as soon as I push the button to create the item, the site blocking and gives a constant error 406.
Separate control module provider can not change, and disable the module mod_security do not want.

How can I fix it?

Thank you!

12 years 10 months ago #34738 by ggppdk
Replied by ggppdk on topic Error 406
There are 3 cases:

- 1. either your browser is hijacked
- 2. either some files in your installation have been changed
- 3. or this is a false-positive of mod_security, aka some rule is matched by mod_security and recognizes something in the posted data as an attack

-- mod_security can create millions of combinations of custom rules, can you tell us from the logs which custom rule was triggered?

(the log will include part of the matched text data that was identified as attack)


12 years 10 months ago #34739 by ggppdk
Replied by ggppdk on topic Error 406
Besides the above also please take a look at this:

www.modsecurity.org/blog/archive ... false.html


12 years 10 months ago #34744 by AndreyS
Replied by AndreyS on topic Error 406
I have the latest version of the component.
The system is well protected and free from viruses.
Error 406 occurs in Chrome and Internet Explorer at 3 different sites.
But they are all on the same host.

So the conclusion is this: of the FLEXIcontent module mod_security perceived as malicious.

It is unfortunate that this occurs with FLEXIcontent, not with K2, ContentBuilder, Cobalt and other. :(

12 years 10 months ago #34756 by ggppdk
Replied by ggppdk on topic Error 406

"It is unfortunate that this occurs with FLEXIcontent, not with K2, ContentBuilder, Cobalt and other."


How is this relevant ?? at all, :shock:
I could make mod_security rules to match any web software as malicious, what would that mean ??? 10 rules to match K2, 10 rules to match ContentBuilder, etc

Maybe I was misunderstood, I'll try to be more detailed below

1. the problem is not with FLEXIcontent
but with a mod_security rule that makes a false positive

2. the creators of mod_security describe exactly this

3. A FALSE-POSITIVE is when a matching rule wrongly matches something that was not meant to be matched,

4. Many well-known software web or desktop have been matched as virus by mod_security or anti-virus programs, this is the definition of a FALSE-POSITIVE

5. Despite the fact that this is not a FLEXIcontent issue at all, but problem with a --CUSTOM-- mod_security rule installed in server, we are willing to work with you to find what is happening, but to fix what????
guess your custom mod_security rule out of million combinations ? How could that be possible?

6. We install FLEXIcontent on SHARED servers of well-known provider that hosts millions of sites, they do not have the custom mod_security rule that you have.

In short
a. it is the responsibility of the rule maker to make rules that do not create false positives !!

b. despite the above we are willing to look into this,
but please look at the logs to find the rule that was matched and ask your administrator to fix it, also if this rule is important we will try to change FC code so that it will not be matched,

it could be as simple as adding a space into our code that will prevent the rule from being matched, (and if this mod_security rule is important or very common we are willing to do it)

but please tell us the rule that was matched !!

thank you so much for taking time to read the above

Best Regards


12 years 10 months ago #34759 by AndreyS
Replied by AndreyS on topic Error 406
Okay, I'll try to find a provider that causes an error in the module mod_security.
In the worst case, I will ask him to turn off the module and have a look whether the component is correctly working.

Thanks ggppdk for wanting to help!

12 years 10 months ago #34760 by ggppdk
Replied by ggppdk on topic Error 406
Yes but you do not need to turn off the module

e.g.
- if you have 20 rules you may turn off only 1 of them (or modify this rule to be more "smart")

- also if this rule is common or important , we are willing to examine changes to our code so that the false-positive

So it would help us (you and others that may have a similar mod_security rule) to know which rule was matched
please ask administrator to copy-paste and send you a few lines out of apache log that tell which rule was triggered and what text was matched

Best Regards


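Added example (not part of the thread, and not FLEXIcontent or provider code): a Python script for the log check requested in the replies above. It pulls the triggered rule id, the matched parameter and the matched text out of Apache error-log lines, then renders an exclusion for that one rule instead of switching mod_security off. The log lines, rule id `9000001`, file path, host and the `jform[text]` parameter are constructed; the layout assumed is the ModSecurity 2.x Apache error-log format, and `SecRuleUpdateTargetById` assumes ModSecurity 2.6 or later.

```python
import re
from collections import defaultdict

# Constructed sample lines in the ModSecurity 2.x Apache error-log layout.
# Rule id, file path, hostname, IP and parameter name are placeholders.
SAMPLE_LOG = r'''
[Tue Mar 05 10:12:01 2013] [error] [client 203.0.113.7] ModSecurity: Access denied with code 406 (phase 2). Pattern match "(?i:select.+from)" at ARGS:jform[text]. [file "/etc/modsecurity/custom.conf"] [line "12"] [id "9000001"] [msg "SQL Injection"] [data "select a category from"] [hostname "example.test"] [uri "/administrator/index.php"] [unique_id "AAAA"]
[Tue Mar 05 10:12:09 2013] [error] [client 203.0.113.7] File does not exist: /var/www/favicon.ico
[Tue Mar 05 10:15:44 2013] [error] [client 203.0.113.7] ModSecurity: Access denied with code 406 (phase 2). Pattern match "(?i:select.+from)" at ARGS:jform[text]. [file "/etc/modsecurity/custom.conf"] [line "12"] [id "9000001"] [msg "SQL Injection"] [data "Select an image from"] [hostname "example.test"] [uri "/administrator/index.php"] [unique_id "AAAB"]
'''

TAG = re.compile(r'\[(\w+) "((?:[^"\\]|\\.)*)"\]')   # [id "..."] [msg "..."] ...
TARGET = re.compile(r' at ([A-Z_]+(?::\S+)?)\. \[')   # variable the rule matched on
CODE = re.compile(r'ModSecurity: Access denied with code (\d+)')

def parse_denials(log_text, status="406"):
    """Return one dict per ModSecurity denial that produced the given status."""
    hits = []
    for line in log_text.splitlines():
        code = CODE.search(line)
        if not code or code.group(1) != status:
            continue  # not a ModSecurity denial, or a different status code
        tags = dict(TAG.findall(line))
        hit = {k: tags.get(k) for k in ("id", "msg", "file", "line", "uri", "data")}
        target = TARGET.search(line)
        hit["target"] = target.group(1) if target else None
        hits.append(hit)
    return hits

def summarize(hits):
    """Group denials by rule id: where the rule lives, what it matched, how often."""
    rules = defaultdict(lambda: {"count": 0, "targets": set(), "samples": []})
    for h in hits:
        r = rules[h["id"]]
        r["count"] += 1
        r["targets"].add(h["target"])
        r["samples"].append(h["data"])
        r["where"] = f'{h["file"]}:{h["line"]}'
    return dict(rules)

def scoped_exclusion(rule_id, target):
    """One rule, one parameter; SecRuleRemoveById would drop the rule entirely."""
    return f'SecRuleUpdateTargetById {rule_id} "!{target}"'

if __name__ == "__main__":
    for rid, r in summarize(parse_denials(SAMPLE_LOG)).items():
        print(rid, r["where"], r["count"], r["samples"])
        print([scoped_exclusion(rid, t) for t in sorted(r["targets"])])
```

The `samples` list is the matched text the administrator would send to the developers; the rendered directive is a candidate for the administrator to review, not something to apply blindly.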

Moderators: vistamedia, joomlacorner, ggppdk