Unable To Update Knowledgebase

[willow]

I've recently upgraded my installation to latest release but im now not able to update my knowedgebase articles because im getting a 406 error when i try to save the changes:

Not Acceptable

 

An appropriate representation of the requested resource /admin/supportkb.php could not be found on this server.

Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.

I have checked and /adming/supportkb.php is there.

 

Thanks in advance

[WHMCS John]

Sounds like a mod_security issue. Your server admin/hosting provider will have to fix this.

[willow]

Thanks John

[mikelegg]

I get this occasionally too. It's definitely ModSecurity that's blocking the posted data.

 

[Tue Oct 18 13:47:45 2011] [error] [client xx.xx.xx.xx] ModSecurity: Access denied with code 406 (phase 2). Pattern match "((select|grant|delete|insert|drop|alter|replace|truncate|update|create|rename|describe)[[:space:]]+[A-Z|a-z|0-9|\\*| |\\,]+[[:space:]]+(from|into|table|database|index|view)[[:space:]]+[A-Z|a-z|0-9|\\*| |\\,]|UNION SELECT.*\\'.*\\'.*,[0-9].*INTO.*FROM)" at REQUEST_BODY. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "347"] [id "300013"] [rev "1"] [msg "Generic SQL injection protection"] [severity "CRITICAL"] [hostname "hostname.domain.tld"] [uri "/adminfolder/supportkb.php"] [unique_id "Tpz24XZYGEEAAGRBlzoAAAAD"]

 

It doesn't affect all KB articles though, I'm trying to work out what it is about some KB articles that triggers the rule.

[mikelegg]

Quick solution was to whitelist my IP in ModSecurity

 

Open

/usr/local/apache/conf/modsec2/whitelist.conf

 

Add

SecRule REMOTE_ADDR "^xxx\.xxx\.xxx\.xxx" phase:1,nolog,allow,ctl:ruleEngine=off

(Where xxx.xxx.xxx.xxx is your IP address)

 

Restart Apache.

Edited October 18, 2011 by mikelegg