Hi,
saving my form i've a strange error "Forbidden - You don't have permission to access /administrator/index.php on this server."
Other forms are saved correctly .... and i don't understand where is the problem.
can you help me ?
Hi Paolo,
No problems here (with CFv5.0.9 on Joomla! 3.3). Maybe a server setting issue - though the form isn't very big.
Bob
Hi Bob,
thanks for your fast replay.
can you suggest me where to investigate ?
Paolo
Hi Bob,
thanks again your'e right.
The server says :
"
[Wed Mar 18 11:04:36 2015] [error] [client 193.203.229.20] ModSecurity: Access denied with code 403 (phase 2). Pattern match "php(?:e9568f3[56]-d428-11d2-a769-00aa001acf42|b8b5f2a0-3c92-11d3-a3a9-4c7b08c10000)" at REQUEST_URI. [file "/etc/httpd/conf/modsecurity.d/rules/tortix/modsec/99_asl_jitp.conf"] [line "254"] [id "380800"] [rev "1"] [msg "Atomicorp.com WAF Rules - Virtual Just In Time Patch: PHP Easter Egg Access"] [data "phpe9568f35-d428-11d2-a769-00aa001acf42"] [severity "CRITICAL"] [hostname "test.e-fotoservice.com"] [uri "/administrator/index.php"] [unique_id "VQlNtH8AAAEAC72iOI8AAAB4"]
"
now i'll find the problem ....
thanks
paolo
Hi Bob,
unfortunatly i'm back with the same problem.
It's appears random on some forms ....
One work around was to unload a form delete it and reload.
but not always works ....
can you help me ?
Hi Paolo,
I suggest that you white-list the ChronoForms admin pages in mod-security. ChronoForms uses base64 encoding to 'pack up' the form action data (you can see it if you look at the ChronoForms database tables). From the message you posted it looks as though there are occasional random matches between strings in that data and some of the strings that mod_security is checking for.
Bob
:) 🙂 🙂 🙂 🙂 🙂 🙂 🙂
Bingo .
Bob Thanks a lot.
you solved a big issue i had.
Paolo