Pls turn off mod_security for my site

[theteamk]

Forbidden

You don't have permission to access /index.php on this server.

Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.

The above error is what I always encounter on my site whenever i want to submit a long post.

I have talked with the SMF support staff and they have told me to ask you guys to turn off the mod_security. Pls do the same.

 

[theteamk]

Did anyone look into this?

Best Regards

 

[essellar]

It's not going to happen. An abuse prevention regime is not very effective if people can simply say "I'd much rather not have the things preventing me from abusing the server", is it? The best you can hope for is a rules modification, provided that that wouldn't open a hole for anyone to drive through - and you would need to tell the admins which particular rules the software is likely to be breaking (the SMF people can fill you in there).

 

[theteamk]

Thanks for your reply. I have been in touch with the SMF support staff regarding the same too. Can you tell me which rule would be broken if you turn off the mod_security for my site?

Best Regards

 

[bdistler]

Can you tell me which rule would be broken if you turn off the mod_security for my site?

IF mod_security was removed from your site (account) - there would be no mod_security rules to break

the issue is which - if any - mod_security rules can be adjusted or removed

 

[caftpx10]

At the moment, it's the matter of checking the log for a rule hit on your site for that specific page. From there, it could say what rule was triggered. That rule then can be disabled if it's more of a false-positive than an actual security risk.

 

[freedo41]

I had the same error (more or less). But while using vbulletin.
I upgraded so I could turn off ModSecurity.

the issue is which - if any - mod_security rules can be adjusted or removed

^ That's what I'm wondering about. Modsecurity doesn't have to completely be turned off according to this website (vbulletin- at least for what I want to do, which is to edit templates).
And if it is possible, the staff would have to be willing to do it, on a case by case scenario.

Edit:
I asked customer support this:

This was their response:

 

[theteamk]

I have been using SMF since the last few years. This issue has been asked many times on the SMF forums and I even opened a new topic to get help from them. Each time there has been an issue with mod_security. Is there anything that you guys want me to do?

Best Regards

 

[theteamk]

This error has popped out again. I am getting the following error whenever I am trying to make a long post on my SMF forum:

Forbidden

You don't have permission to access /index.php on this server.

Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.

The above error is what I always encounter on my site whenever i want to submit a long post.


AND SOMETIMES THIS ERROR IS ENCOUNTERED:

Not Acceptable
An appropriate representation of the requested resource /index.php could not be found on this server.

Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.


NOTE: I have talked with the SMF developers regarding this. They are willing to help in sorting this out. But, I also require support from the x10hosting support staff too. I have been using x10hosting for 2 years now & it's been a great experience.

 

[Dead-i]

Hi,

Sorry to hear you are still having problems with this. I took a look at your recent account logs, and it looks like mod_security is blocking your request because it is recognising the site "bdv[dot]bidvertiser[dot]com" as a known malware site, leading the request to be denied to protect your website. While we can usually disable certain mod_security rules for your account (in the case of a false positive), this rule is designed to prevent users submitting malicious content to your site, and this isn't something I would want to disable.

Thank you,

 

[theteamk]

Hi,

Sorry to hear you are still having problems with this. I took a look at your recent account logs, and it looks like mod_security is blocking your request because it is recognising the site "bdv[dot]bidvertiser[dot]com" as a known malware site, leading the request to be denied to protect your website. While we can usually disable certain mod_security rules for your account (in the case of a false positive), this rule is designed to prevent users submitting malicious content to your site, and this isn't something I would want to disable.

Thank you,

Thanks for helping.

I do not want to use bidvertiser. As you would have read, this error is encountered when I am trying to submit a long post as I have even mentioned in the OP. Can you help me out with that?

This might help you: http://www.simplemachines.org/community/index.php?topic=512176.0

 

[Dead-i]

Hi,

A bidvertiser script tag was in a recent request from your IP address, which was blocked.

We do not impose any limitations on the length of any requests, so this wouldn't trigger a forbidden error. It is usually triggered by something in the content you are submitting. Please could you give me a full URL to where you see the Forbidden error, and I'll see what's happening?

Thank you,

 

[theteamk]

Hi,

A bidvertiser script tag was in a recent request from your IP address, which was blocked.

We do not impose any limitations on the length of any requests, so this wouldn't trigger a forbidden error. It is usually triggered by something in the content you are submitting. Please could you give me a full URL to where you see the Forbidden error, and I'll see what's happening?

Thank you,

Here is the link to the topic:
http://theteamk.x10.mx/index.php?topic=541.0

I was also getting an error when I was editing some of my older posts too. This is one of them.