mod-security rules - where do I go from here?

_Al

I encountered the error mentioned here: https://xenforo.com/community/threa...details-may-be-in-the-browser-console.191431/ and dutifully contacted my host.

Their response:

While checking this issue in detail, we were able to understand that your website is built using the XenForo platform. In the below forum thread, we can see the encounter of similar issues for the platform. Upon checking further, we can see that the server-side security mechanism (mod-security rules) is blocking certain actions on the website.

As you have hosted the website in a shared environment, it is impossible to whitelist the mod-sec rules that are being triggered now. Alternatively, you can host the website in a dedicated vps to overcome this issue. In the dedicated server, you can whitelist or disable the mechanism as per your choice.

Where do I go from here? Is anyone hosting xF successfully on shared hosting without this problem cropping up? I'm stuck. I can't launch a forum that doesn't work!

Help!

Al
 
Which host is it?

Find a new one - there are many shared hosts which will deal with issues such as that without forcing an upgrade to a VPS.
 
Does anyone have a recommendation for a shared host which won't screw me over with mod-security rules?
I use a small Canadian provider called Crocweb and have never had issues like that. I have had to bug them about out-of-date software at times (e.g. MariaDB was behind at one point), though, so not perfect. Seems fine otherwise but being a small site without load issues, we aren't that picky.
 
Does anyone have a recommendation for a shared host which won't screw me over with mod-security rules?
@MattW is one of the few folks I would trust at core level on my installs.
I have never seen one complaint about his hosting here and he's very familiar with XF. And as you can see from that thread.. he's been around here a while.
He may not be the cheapest around.. but if you want a stable platform that performs well....
 
I've been playing around with different browsers and different accounts. This is a brand new forum and there are only two accounts, both created by me. The issue occurs on the main admin account. It doesn't happen on the other member account. Any suggestions? I'm getting a massive headache about this!


EDIT: Toggling BB code makes a difference. If I have rich text editor it throws up the error. If I have BB editor on it works. How terribly strange!

EDIT2: Posting a thread or replying to a thread with rich text editor - as long as it includes some edits to the text - causes the issue. If I turn off rich text and use just BB it posts just fine. Is this a XenForo issue or a server issue?
 
You pretty much answered your question.... if it is a XF action that is triggering their ruleset and they aren't willing to whitelist it... time to look for a new host.
...and now they have whitelisted. They have edited .htaccess as follows:

<IfModule mod_security.c>
SecFilterEngine Off
SecFilterScanPOST Off
</IfModule>

...and whitelisted the specific mod-security rule ID '941100' for my account.

As in Edit2 above, the error only strikes when posting a thread or replying to a thread with rich text editor - as long as it includes some edits to the text. If I turn off rich text and use just BB it posts just fine.
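
For readers comparing the two changes described in the post above, this added example (not the host's configuration and not part of the original thread) shows the site-wide off switch beside an exclusion limited to rule 941100, which in the OWASP Core Rule Set is an XSS detection rule. It assumes ModSecurity 2.x with the Core Rule Set loaded in the server or virtual-host configuration; `SecFilterEngine` and `SecFilterScanPOST` are ModSecurity 1.x directives, and on 2.x the module is `mod_security2.c` and the engine switch is `SecRuleEngine`. The directory path is a placeholder.

```apache
# Added example: ModSecurity 2.x, server or virtual-host configuration.
# Place it after the line that includes the Core Rule Set, because a rule
# can only be removed by ID once it has been loaded.

# Broad setting: every rule is disabled for the whole site, so requests
# that have nothing to do with the editor also go uninspected.
#
# <IfModule mod_security2.c>
#     SecRuleEngine Off
# </IfModule>

# Narrow setting: the engine stays on and only rule 941100 is dropped,
# and only for requests served from the forum's directory.
<IfModule mod_security2.c>
    # "/path/to/forum" is a placeholder for the forum's document root.
    <Directory "/path/to/forum">
        SecRuleEngine On
        SecRuleRemoveById 941100
    </Directory>
</IfModule>
```

With the narrow form, the remaining rules still apply to rich text editor posts, so the server's ModSecurity audit log is the place to check whether another rule ID is also matching them.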
 