Blob (![[info]](http://l-stat.livejournal.com/img/userinfo.gif){kind=small} blob) wrote in ![[info]](http://l-stat.livejournal.com/img/community.gif){kind=small} dyc_hosting,@ 2006-01-03 12:56:00 |
|
Weird, weird problem
Katie -
I'm sure this is related to whatarkadina posted about last month, although I've only just seen her post about it! Not sure how I missed that. I've done a bit of research into it so I thought I'd post here.
A lot of visitors to both of my sites have been getting 403 forbidden errors when trying to post comments on my blogs, send messages via my feedback forms, and post questions in my Q&A. This has been happening since November time, which is when we had all the problems with the server. I have had this problem numerous times when trying to update my blog. It would appear that the server disallows/bans lots of words, and combinations of letters/spaces, from being submitted - one example of a letter combination is "sh t" (which features in in "wish that", "finish the", "posh things", etc.), and also "sh s" (in "wish she", "finish shopping", "posh socks", etc.) Plus other combinations, I'm sure, although finding them is a tricky matter - it involves dissecting each post and removing sentences, words or letters one by one, until you figure out exactly which combination of letters is causing the problem! It really does limit what can be posted. :( Long comments are generally lost more often than short comments, because, obviously, there's more chance of them containing forbidden words/combinations.
EDIT: Okay! After playing about a bit more, I've realised that it's actually "sh " (with a space after it) regardless of the letters that follow. So something like "I like fish." would not be a problem, but "I like fish and chips" would.
After researching this a bit, I realised that it's not a problem with my scripts (as it's happening on both of my sites) - it's an issue with the server. So it won't be affecting individual accounts; it'll be affecting everyone. I expect that anyone else on the server trying to use the POST command (used in WordPress, and other scripts that use forms) to send the combination "sh t" will get a 403 error. In fact, I just took a trip over to DamnYellowCap.net and Tinyblob.net and tried to post comments of "sh s" and "sh t", which resulted in 403 errors. So I thought I'd let you know what some people have suggested to tell your host if you're having the same problems.
These are the suggestions:
- Ask your host whether they're using mod_security, and if so, whether they have any (overly-simplistic) rules that look for certain terms. Give an example of a combination of letters that is banned; in this case "sh ".
- Ask your host to update Zend (although this appears to work in only about 50% of the cases).
I don't really understand the above suggestions, but maybe you could contact Surpass and ask about them? It really is getting a bit annoying, because there's a lot of discussion over at Rachael-Stirling.com (and will be more when I get the forum set up). At present, only about 40% of the messages are getting through, and people are losing some long comments. :( I advised them to keep a backup of their comments before posting, but it's not like they're able to post them anyway, so that isn't much use, LOL! I thought it was a problem on my end to start with, which is why I haven't posted here about it until now.
Help? :)
Katie -
I'm sure this is related to what
arkadina posted about last month, although I've only just seen her post about it! Not sure how I missed that. I've done a bit of research into it so I thought I'd post here.A lot of visitors to both of my sites have been getting 403 forbidden errors when trying to post comments on my blogs, send messages via my feedback forms, and post questions in my Q&A. This has been happening since November time, which is when we had all the problems with the server. I have had this problem numerous times when trying to update my blog. It would appear that the server disallows/bans lots of words, and combinations of letters/spaces, from being submitted - one example of a letter combination is "sh t" (which features in in "wish that", "finish the", "posh things", etc.), and also "sh s" (in "wish she", "finish shopping", "posh socks", etc.) Plus other combinations, I'm sure, although finding them is a tricky matter - it involves dissecting each post and removing sentences, words or letters one by one, until you figure out exactly which combination of letters is causing the problem! It really does limit what can be posted. :( Long comments are generally lost more often than short comments, because, obviously, there's more chance of them containing forbidden words/combinations.
EDIT: Okay! After playing about a bit more, I've realised that it's actually "sh " (with a space after it) regardless of the letters that follow. So something like "I like fish." would not be a problem, but "I like fish and chips" would.
After researching this a bit, I realised that it's not a problem with my scripts (as it's happening on both of my sites) - it's an issue with the server. So it won't be affecting individual accounts; it'll be affecting everyone. I expect that anyone else on the server trying to use the POST command (used in WordPress, and other scripts that use forms) to send the combination "sh t" will get a 403 error. In fact, I just took a trip over to DamnYellowCap.net and Tinyblob.net and tried to post comments of "sh s" and "sh t", which resulted in 403 errors. So I thought I'd let you know what some people have suggested to tell your host if you're having the same problems.
These are the suggestions:
- Ask your host whether they're using mod_security, and if so, whether they have any (overly-simplistic) rules that look for certain terms. Give an example of a combination of letters that is banned; in this case "sh ".
- Ask your host to update Zend (although this appears to work in only about 50% of the cases).
I don't really understand the above suggestions, but maybe you could contact Surpass and ask about them? It really is getting a bit annoying, because there's a lot of discussion over at Rachael-Stirling.com (and will be more when I get the forum set up). At present, only about 40% of the messages are getting through, and people are losing some long comments. :( I advised them to keep a backup of their comments before posting, but it's not like they're able to post them anyway, so that isn't much use, LOL! I thought it was a problem on my end to start with, which is why I haven't posted here about it until now.
Help? :)
