In CP Publish, I’m attempting to edit a post.
Error on Screen:
The server encountered an internal error or misconfiguration and was unable to complete your request.
Please contact the server administrator, .(JavaScript must be enabled to view this email address) and inform them of the time the error occurred, and anything you might have done that may have caused the error.
More information about this error may be available in the server error log.
Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.
Doing a tail on the apache error_log, I find this:
[Mon Aug 22 19:04:16 2011] [error] [client 64.222.117.148] ModSecurity: Rule execution error - PCRE limits exceeded (-8): (null). [hostname “dev.MYSITE.com”] [uri “/system/index.php”] [unique_id “TlLgcEWnpHEAABzS-bAAAAAF”]
[Mon Aug 22 19:04:16 2011] [error] [client 64.222.117.148] ModSecurity: Access denied with code 500 (phase 2). Pattern match “(insert[[:space:]]+into.+values|select.*from.+[a-z|A-Z|0-9]|select.+from|bulk[[:space:]]+insert|union.+select|convert.+\\(.*from)” at ARGS:field_id_2. [file “/usr/local/apache/conf/modsec2.user.conf”] [line “355”] [id “300016”] [rev “2”] [msg “Generic SQL injection protection”] [severity “CRITICAL”] [hostname “dev.MYSITE.com”] [uri “/system/index.php”] [unique_id “TlLgcEWnpHEAABzS-bAAAAAF”]
[Mon Aug 22 19:04:16 2011] [error] [client 64.222.117.148] File does not exist: /home/ACCOUNT/public_html/500.shtml, referer: https://dev.mysite.com/system/index.php?S=936b724946ebc4c17f29f582bb1e43547924c952&D=cp&C=content_publish&M=entry_form&channel_id=1&entry_id=55
Here’s the content that’s causing the problem:
Overall Efficiency
The amount of heat that enters your home, compared to the amount that would be produced if all of the combustible materials were converted to heat. Overall efficiency is the one homeowners are concerned with. You want as much heat in the house as possible from each piece of wood – as close as possible to the total potential heat in the wood.
For the facts & figures buffs: Older, non- EPA-certified stoves generally measure at about 50% overall efficiency or less. EPA- certified stoves test at 63% to 72% or better.
EPA Regulations
In 1988 the U.S. Environmental Protection Agency (EPA) enacted rules for cleaner operation of wood stoves. Now, all new stoves sold in the U.S. are required to be designed and tested to meet strict emission control and efficiency standards. As we cover the types of new stoves, you will see how this increased efficiency is accomplished, and how it benefits both the environment and the stove user.
Note: Certain types of stoves, such as cook stoves, or stoves with a very high fuel-to-air ratio (which are not very effective as heaters, but often don't emit much smoke) are exempt from the EPA requirements.
For the facts & figures buffs: Older, non- EPA-certified stoves generally measure at about 50% overall efficiency or less. EPA- certified stoves test at 63% to 72% or better.
EPA Regulations
In 1988 the U.S. Environmental Protection Agency (EPA) enacted rules for cleaner operation of wood stoves. Now, all new stoves sold in the U.S. are required to be designed and tested to meet strict emission control and efficiency standards. As we cover the types of new stoves, you will see how this increased efficiency is accomplished, and how it benefits both the environment and the stove user.
Note: Certain types of stoves, such as cook stoves, or stoves with a very high fuel-to-air ratio (which are not very effective as heaters, but often don't emit much smoke) are exempt from the EPA requirements.
Sorry, the HTML paragraph-tags are stripped out above, but each line has an open/close paragraph tag.
I can get around this by messing with the text, so no panic here. For example, remove the word “from” from the last line, just before “the EPA requirements” and it submits fine :coolcheese:
This is a WYGWAM field, but i don’t think that has anything to do with it.
False positive SQL Injection find? Bug?
Thanks.