1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Error Posting Message

Discussion in 'XenForo Questions and Support' started by onyxchase, Apr 30, 2012.

  1. onyxchase

    onyxchase Active Member


    A member on my board is getting this weird ERROR 500 message (which I was able to reproduce) when he tries to write the following message, could anyone help me as to why this could be? It's only for long messages...

    Nothing shows up in the error log from admin panel unfortunately.

    Attached Files:

  2. Digital Doctor

    Digital Doctor Well-Known Member

  3. onyxchase

    onyxchase Active Member

    OK I have diagnosed the problem and it is because of mod_security. Unfortunately I cannot disable it via .htaccess as the new version does not allow this, but it's the first time this ever happened so I'll give it a pass.
  4. onyxchase

    onyxchase Active Member

    There was several other occurrences of this with my members, so I had to literally disable it for my domain name. If someone figures out a way to disable it for just the forum URL, then please let me know. It's be nice to disable it only for like domain.com/xenforo/ ;)

    Here is what I did:

    Added the line:

    SecRule SERVER_NAME "\.domain\.com$" "phase:1,nolog,noauditlog,allow,ctl:ruleEngine=Off"
    In 'modsec2/custom.conf'

    It didn't work via .htaccess.
    Digital Doctor likes this.
  5. Digital Doctor

    Digital Doctor Well-Known Member

    Thanks for the report. I am sure it will help others.

    Depending on your comfort level, disabling mod_security can make your site less secure.
    Many sites probably have it disabled.

    We got mod_security problems when we used these words in the title:


    To fix it we used the censor system to change wget to w-g-e-t , etc.
    We wanted to keep m0d_security on.
  6. onyxchase

    onyxchase Active Member

    I agree. We're technically supposed to let them know of false detections so that they can code it into the mod_security2. But I've had about 150 false detections in the last 2 days alone, with about 15 different unique rules. And I've checked the IPs and they are from legitimate forum users. I've never had this problem with mod_security1. I guess it's more secure, but a pain to work with.

    I think we're 'supposed' to add exceptions to the rules for the domains that have false alarms. I may still do this.
  7. onyxchase

    onyxchase Active Member

    There is also some good info here.

Share This Page