Send form get forbidden

Status
Not open for further replies.
Patrick.B

Patrick.B

Member
Messages
96
Reaction score
4
Points
8
Hi X10 :) !

Actually i'm building a php form send to MySQL, and when i'm trying to test, sometimes I receive a Forbidden error.

So, I have search how this came from, and at this point, i'm not sure.

This error is intermitted and only depending on wich words I insert in the forms. I try to do a FilterScanpost OFF in the .htaccess, but seem to not working well ..

The .htaccess test here
Code: 
<IfModule mod_security.c>
  SecFilterEngine Off
  SecFilterScanPOST Off
</IfModule>

When I want to check if secure module is active with a simple phpinfo() function it return me the Forbidden error.

I don't post the full code because the problems is intermitted and seem to be from the "badwords", when I use different words, the form is sended correctly into the DB.

Note: the specific DB line is set to "VARCHAR" at 3000 size and when i'm trying to insert sometings i'm only using 5 or 10 words.


Thank's in advance to people help me :cry:
 
C

caftpx10

Well-Known Member
Messages
1,534
Reaction score
114
Points
63
As far as I'm aware, mod_security2 does not allow people to control mod_security2 via htaccess files. This means that you can't turn it off yourself on your account.
 
Patrick.B

Patrick.B

Member
Messages
96
Reaction score
4
Points
8
Hi caftpx10 !

It make sens, but, I would like to insert "Create style table in css." this simple sentence get my Forbidden error page, but if I write "Create style css." this one will be sended correctly, it's annoying.

Every poeple insert text in a DB have to found the bad word or you know a workaround ?
 
C

caftpx10

Well-Known Member
Messages
1,534
Reaction score
114
Points
63
So "in" is the one being prevented from submission. Interesting.
 
Patrick.B

Patrick.B

Member
Messages
96
Reaction score
4
Points
8
Yes and No .. I shoot some example.

Create style table in css. | FORBIDDEN
Create style table css. | FORBIDDEN
Create style in css. | OK NO ERROR
in css. | OK NO ERROR
Create style tableeee in css. | OK NO ERROR
table in css. | OK NO ERROR
test test test test test test table in css. | OK NO ERROR
Create table in css. | OK NO ERROR

So as you can see, I delete random word and it's ok, but the complete sentence never accepted.

If you need, I can give you the link and a user/pass test to try on your-side.
 
Patrick.B

Patrick.B

Member
Messages
96
Reaction score
4
Points
8
Create table style in css. | OK NO ERROR
Table create style in css. | OK NO ERROR


So, that seem if I reorder this, all work fine, but .. this time it's a 5 words sentence, when I will write a 3 000 word block, how can i determine which word cause problems, and it make no sens to block some words ordre sound like this..

I have to find a way to correct this situation and system have to let me write all the text I need.

I'm very very confusing :banghead:
 
Dead-i

Dead-i

x10Hosting Support Ninja
Community Support
Messages
6,084
Reaction score
368
Points
83
Hi Patrick,

Please could you provide me with the URL of the Forbidden page?

Thank you,
 
J

jahlinmo

New Member
Messages
10
Reaction score
0
Points
1
hey! my names jah and I'm still working on this site but I'm stuck and I need your help. I've been trying to set my email up for the last few days. not really sure how to get that working (Where an email sent from viewer on my page and goes to my email) http://2feelitreal.com/index.php/get-in-touch/ I set it up and even had someone look at it for me but they said it's something within xhosting.

not sure what it is. any help would be appreciated'
 
C

caftpx10

Well-Known Member
Messages
1,534
Reaction score
114
Points
63
jahlinmo said:
hey! my names jah and I'm still working on this site but I'm stuck and I need your help. I've been trying to set my email up for the last few days. not really sure how to get that working (Where an email sent from viewer on my page and goes to my email) http://2feelitreal.com/index.php/get-in-touch/ I set it up and even had someone look at it for me but they said it's something within xhosting.

not sure what it is. any help would be appreciated'
Click to expand...
Please create your own thread in regards to that issue. This thread is something completely different. :)
 
Patrick.B

Patrick.B

Member
Messages
96
Reaction score
4
Points
8
Dead-i said:
Hi Patrick,

Please could you provide me with the URL of the Forbidden page?

Thank you,
Click to expand...

Hi Dead!

*old link deleted*

This is the full link when I got the Forbidden error.

note: When i'm writing, i'm at "*old link deleted*" and I click submit and get stuck at the same url and get forbiden.
second_note: All the code is by me, it's not a third-software or anything like that.
 
Last edited:
C

caftpx10

Well-Known Member
Messages
1,534
Reaction score
114
Points
63
At the moment, I'm more blank than a blank page.
----------------
Alrighty, so from the looks of what you've typed, it does look similar to how a SQL query may look. Mod_security2 could have a rule to do with that in place.
 
Status
Not open for further replies.
Top