Hi,
when i try to submit a post containing an unix path, i get this error message :
Forbidden
You don't have permission to access /phpBB2/posting.php on this server.
Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.
Apache/1.3.33 Server at www.jfree.org Port 80
something like this :
/ usr / bin / X11 / X -force -vfb -x abx -x dbe -x GLX :1 &
without space around '/'
No pb with url which looks like unix path...
I guess theres some regular expression analysing the post message (why??? addslashes(htmlentities($message)) should be enough to prevent any hacking)
This is annoying... could you disable this check...
Paquerette
Forum Issue when post message contains unix path
-
paquerette
- Posts: 10
- Joined: Wed Apr 20, 2005 6:23 pm
- Location: Paris, France
Hi,
it seems that our provider filters the http-request for some reason.
[quote=Support]
Posted by jj on the 15 May 2005 14:12
Shared servers: proton,cation,muon,boson,truth
We have introduced an additional URI inspection security layer on the above shared servers. This has been done with short notice in order to respond to an increased general threat to all shared hosting environments and providers.
The majority of our customers should not notice any difference, however, it is possible that there may be an occasional "false positive" in the intial stages of this implementation. We are examining the audit logs to try to determine any occasional false positive if it occurs and will restructure our rules to accomodate where possible.
If you find that your dynamic elements (forms, bulletin boards, mailforms etc.) are exhibiting a 403 Forbidden error this may be the cause. Please e-mail support@positive-internet.com with the details and we will immediately investigate. Please note 403 Forbidden errors can also occur for unrelated reasons (file permission problems etc.)
We hope that these security improvements will allow for greater stability and peace of mind in general on the shared platforms, however we must stress that for maximum security purposes we always recommend a dedicated / managed server for your web site. This also of course brings in a large number of other benefits and if you would like to discuss the options with us please don\'t hesitate to phone during office hours or e-mail good@positive-internet.com at any time.
[/quote]
Have mo' fun,
said Thomas
it seems that our provider filters the http-request for some reason.
[quote=Support]
Posted by jj on the 15 May 2005 14:12
Shared servers: proton,cation,muon,boson,truth
We have introduced an additional URI inspection security layer on the above shared servers. This has been done with short notice in order to respond to an increased general threat to all shared hosting environments and providers.
The majority of our customers should not notice any difference, however, it is possible that there may be an occasional "false positive" in the intial stages of this implementation. We are examining the audit logs to try to determine any occasional false positive if it occurs and will restructure our rules to accomodate where possible.
If you find that your dynamic elements (forms, bulletin boards, mailforms etc.) are exhibiting a 403 Forbidden error this may be the cause. Please e-mail support@positive-internet.com with the details and we will immediately investigate. Please note 403 Forbidden errors can also occur for unrelated reasons (file permission problems etc.)
We hope that these security improvements will allow for greater stability and peace of mind in general on the shared platforms, however we must stress that for maximum security purposes we always recommend a dedicated / managed server for your web site. This also of course brings in a large number of other benefits and if you would like to discuss the options with us please don\'t hesitate to phone during office hours or e-mail good@positive-internet.com at any time.
[/quote]
Have mo' fun,
said Thomas