I know this has been addressed in other threads too - but I cannot find any solution other than to disable mod_security, which is not an option if you do not want to be hacked!
The problem occurs when I try to create a new list. I get into the list creation view but the TinyMCE editor is not shown, and when I go back I get a 406 error.
My host tells me this:
The problem is data in some cookies which looks like an SQL injection.
There are several pages that generate the block but it is almost always the same error. It is primarily pages in TinyMCE that generate the block. Like:
tiny_mce/plugins/paste/editor_plugin.js
tiny_mce/plugins/insertdatetime/editor_plugin.js
tiny_mce/plugins/searchreplace/editor_plugin.js
tiny_mce/plugins/emotions/editor_plugin.js
tiny_mce/plugins/table/editor_plugin.js
tiny_mce/plugins/media/editor_plugin.js
tiny_mce/plugins/directionality/editor_plugin.js
tiny_mce/plugins/advhr/editor_plugin.js
tiny_mce/plugins/fullscreen/editor_plugin.js
tiny_mce/plugins/layer/editor_plugin.js
tiny_mce/plugins/style/editor_plugin.js
tiny_mce/plugins/xhtmlxtras/editor_plugin.js
tiny_mce/plugins/visualchars/editor_plugin.js
tiny_mce/plugins/nonbreaking/editor_plugin.js
tiny_mce/plugins/visualblocks/editor_plugin.js
tiny_mce/plugins/wordcount/editor_plugin.js
tiny_mce/plugins/template/editor_plugin.js
tiny_mce/plugins/advimage/editor_plugin.js
tiny_mce/plugins/advlink/editor_plugin.js
tiny_mce/plugins/advlist/editor_plugin.js
tiny_mce/plugins/autosave/editor_plugin.js
tiny_mce/plugins/contextmenu/editor_plugin.js
tiny_mce/plugins/inlinepopups/editor_plugin.js
The following line was logged by ModSec when the error occurs:
Access denied with code 406 (phase 2). Pattern match "\\b(\\d+) ?= ?\\1\\b|[\'\"](\\w+)[\'\"] ?= ?[\'\"]\\2\\b" at REQUEST_HEADERS:Cookie. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "98"] [id "1234123413"] [msg "SQL Injection Attack"] [data "0=0"] [severity "CRITICAL"] [tag "WEB_ATTACK/SQL_INJECTION"]
Is it not possible to get around this code-wise instead of server-wise?
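To find which cookie is tripping the rule, the pattern from the log line above can be run over a captured Cookie header, pair by pair. This is an added example, not part of the original post or of any project's code; the function name and the sample cookie names and values are constructed for illustration.

```python
import re

# Pattern copied from the ModSecurity log line above, with the log's
# doubled backslashes and escaped quotes reduced to a plain regex.
RULE = re.compile(r"""\b(\d+) ?= ?\1\b|['"](\w+)['"] ?= ?['"]\2\b""")


def find_triggers(cookie_header):
    """Return (cookie_name, matched_text) for each cookie pair the rule flags.

    Neither branch of the pattern can match across a ';', so checking each
    pair separately gives the same hits as scanning the whole header.
    """
    hits = []
    for pair in cookie_header.split(";"):
        pair = pair.strip()
        if not pair:
            continue
        name = pair.split("=", 1)[0].strip()
        for m in RULE.finditer(pair):
            hits.append((name, m.group(0)))
    return hits


# Constructed sample headers (not taken from the poster's site).
SAMPLES = [
    "PHPSESSID=abc123; list_state=0=0",   # value contains 0=0: blocked
    "PHPSESSID=abc123; panel0=0",         # no word boundary before 0: passes
    'PHPSESSID=abc123; pref="on"="on"',   # quoted-tautology branch: blocked
    "PHPSESSID=abc123; cols=3; rows=3",   # ordinary numeric cookies: pass
]

if __name__ == "__main__":
    for header in SAMPLES:
        hits = find_triggers(header)
        verdict = "406" if hits else "ok"
        print(f"{verdict:>3}  {header}  {hits}")
```

Paste the Cookie header from the browser's developer tools into `find_triggers` to get the name of the offending cookie, which is what the application or the host needs to know to address the false positive.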