Quote:
Originally Posted by InfoTech-Solutions
Still no joy so I've opened a ticket.
Incidentially, installing drupal on the root of the main domain didn't work either.
Thanks
Tim
|
Hello,
It was due to mod_security rule set on server.
We understand that these changes will certainly affect your web site hosting administration in one way or another. However, our top priority here is to protect our servers and data.
You can check the exact message here:
--------
[Wed Nov 7 23:40:41 2007] [error] [client 86.142.111.17] mod_security: Access denied with redirect to [/]. Pattern match "<(.|\\\\n)+>" at POST_PAYLOAD [id "XSS_Check"] [severity "EMERGENCY"] [hostname "infotech-solutions.co.uk"] [uri "/admin/og/og"]
[Wed Nov 7 23:45:40 2007] [error] [client 86.142.111.17] mod_security: Access denied with redirect to [/]. Pattern match "<(.|\\\\n)+>" at POST_PAYLOAD [id "XSS_Check"] [severity "EMERGENCY"] [hostname "infotech-solutions.co.uk"] [uri "/admin/og/og"]
---------
The rule "SecFilter <(.|\\\\n)+>" is added under mod_security to prevent server from web attacks such as iframe injection or XSS attack(HTML/Javascript injection) and its not possible to remove this rule from mod_sec rule set.
I have excluded your domain from mod_security restriction.
Also, I have enabled the "Access Control" under your Organic Groups Configuration.