XF 1.4 500 error on addon installation

[Talaysen]

I've been getting a 500 error on addon installation, for all addons.
I've set the 'data' and 'internal_data' folders (and subfolders) to '777'.

Sometimes I get the error the second I click 'Install addon', other times, it'll happen at any point during the run-deferred process. Usually I have to uninstall the addon and re-install it, often two or more times, before it will successfully complete installing an addon.

Often, when it fails (and I get the 500 error), depending on where it failed, portions of the addon (say, the admin options for that particular addon) will be completely borked.

This is occurring from a completely clean install of XenForo, on a brand new cPanel account, with no other installed software. This is shared hosting, but I've ran XenForo previously on the same server without this issue.

This occurs with or without full friendly URLs enabled/disabled, and with/without the appropriate .htaccess in place.

Any suggestions/tips appreciated, this is driving me bananas.

 

[Paul B]

Can you check the server error log?

It may shed some light on the error being thrown.

You can ask your host for help with obtaining the log, if you don't know where it is on the server.

 

[Talaysen]

Hm, is this the 'error_log' from the public_html folder? Or is that specific to XenForo? File is empty.

 

[Talaysen]

I have noticed that for some reason the 'data' and 'internal_data' files keep changing back to 755.
I've tried setting them through cPanel and through my FTP client, and if I refresh, it's back to 755.

Hmm, it seems that this only applies to the 'data' and 'internal_data' folders, but not the sub-folders that were modified recursively.

 

[Paul B]

The error log is typically in /var/log/httpd or similar.

If the directory permissions are changing then that is something being applied/forced by the server configuration/host.

 

[Talaysen]

I've filed a ticket with the host, my /logs/ file is empty, so I'm assuming that any logging that's occurring happens outside of what I have access to.
I'm running out of ideas, and I've been able to replicate the problem on a clean installation several times.

I'm thinking I'm going to drop LAMP on a VPS and see what kind of results I can get.
I have to assume that it's something to do with either mod_security, or some other sort of restrictive setting on their service. Shared hosting is my nightmare.
If they get back to me with a solution, I'll reply with it. This never occurred with this host previously, but it's always possible they updated or added more restrictions to their service in the time that's elapsed.

 

[Talaysen]

Alright, I outlined the issue with my host in a support ticket:

Hm, that issue that I thought was being caused by the .htaccess from the other software is persistent, so my initial assumption was incorrect that the two were related. It was causing problems when the forum software was on a lower directory in the hierarchy than that site software, but since this particular problem is persistent on a separate cpanel account, installed by itself, the two can't be related.

What's happening is when I try to install addons for the XenForo software, somewhere at a random point in the installation process, it fails, resulting in an 500 internal server error. So far as I can tell, there's no relevant errors in the error logs that I have access to, that explain why this might be ocurring.

This is actually a pretty painful issue, because when the addon installation fails, at any point, the installation is basically 'corrupt', making it very difficult to uninstall/re-install.

I do know that the /data/ and /internal_data/ directories (and sub-directories) need to be CHMOD 777.
I've tried manually adjusting these via FTP and cPanel, both, but it seems like I can only impact the sub-directories of these two folders.
The actual 'data' and 'internal_data' directories keep reverting back to 755.

They responded with the following:

This is being caused by mod_security rule: https://www.atomicorp.com/wiki/index.php/WAF_330792

Please list the subdomains that you want to have this rule whitelisted for.

I had them whitelist the domain in question for this rule and it resolved the issue.
I've been able to install the remainder of my addons without issue.

 

[Paul B]

Glad to hear it.

Mod_security can be a pain - we get a lot of reports related to it but most of the time it is obvious that it's mod_security related as a more "user friendly" error message is shown.