Search the Community
Showing results for tags 'mod_security'.
-
Trying to deploy a PW site to a client's hosting provider. Everything works as expected in development, but on the production host, certain AJAX requests fail. Here's what I'm seeing: 1) I have form on every page which is submitted via AJAX POST to the current page. No matter which page you POST to, it always returns a PW 404 page. 2) AJAX image uploads on the back end return a 200 or 302 for the original request, then spawn a GET request for the homepage. In trying to troubleshoot this, I have found that the host has both suhosin and mod_security installed. They've provided me with a local php.ini to test configuration changes. I've added the following to .htaccess (temporarily): # account-specific php.ini file <IfModule mod_suphp.c> suPHP_ConfigPath /home/[username] <Files php.ini> order allow,deny deny from all </Files> </IfModule> # disable mod_security <IfModule mod_security.c> SecFilterEngine Off SecFilterScanPOST Off </IfModule> In the php.ini file, I've set the following directives: suhosin.simulation = On always_populate_raw_post_data = -1 I've also set a specific directory for uploads: upload_tmp_dir = /home/[username]/tmp GD support is included. PW doesn't log any errors, even with $config->debug set to true. This is PW 2.7.3 on PHP 5.6.28. What else should I check?
- 2 replies
-
- mod_security
- suhosin
- (and 5 more)