willo_the_wisp Reply #1, 1 year, 9 months ago
Hi,
This is a post made in case it helps someone else, and saves them the hours of frustration that I had!
I've used MODx Evolution in various versions on several sites now, and have been very pleased with it, as have my clients. I was excited when I saw that Revolution had been released. I had a client project which could use it, so I downloaded and installed it. It worked fine locally on my development server and I did many hours of work developing and testing the site locally.
However, problems started when I then installed it on my Production server, hosted with my usual hosting company in the UK.
For some reason, certain functions (adding new pages, snippets and chunks generally) would cause my server to crash. I would then find myself locked out of the site for 10 mins while the error cleared. This became very frustrating!
I investigated with my hosting company, who checked the logs and said it was because MODx was tripping the mod_security Apache module.
Over the next couple of days, whenever it crashed I'd e-mail the hosting company, who'd check the logs, then disable whichever mod_security rule was being invoked. However, after two days of this, I became so frustrated that I gave up - I decided to revert back to Evolution 1.0.4, which works fine on the same server.
In case it helps anyone else, here are a couple of log entries showing what was causing the server to trip mod_security and crash:
[Tue Aug 17 12:52:54 2010] [error] [client 94.7.231.70] ModSecurity: [file "/etc/httpd/modsecurity.d/10_asl_rules.conf"] [line "455"] [id "340162"] [rev "193"] [msg "Atomicorp.com WAF Rules: Remote File Injection attempt in ARGS (AE)"] [data "177"] [severity "CRITICAL"] Access denied with code 412 (phase 2). Match of "beginsWith http://% {SERVER_NAME}/" against "MATCHED_VAR" required. [hostname "www.DOMAIN.com"] [uri "/connectors/workspace/packages-rest.php"] [unique_id "luhU8FBScesAAFJd4woAAAAA"]
[Tue Aug 17 13:10:32 2010] [error] [client 94.7.231.70] ModSecurity: [file "/etc/httpd/modsecurity.d/10_asl_rules.conf"] [line "455"] [id "340162"] [rev "193"] [msg "Atomicorp.com WAF Rules: Remote File Injection attempt in ARGS (AE)"] [data "177"] [severity "CRITICAL"] Access denied with code 412 (phase 2). Match of "beginsWith http://% {SERVER_NAME}/" against "MATCHED_VAR" required. [hostname "www.DOMAIN.com"] [uri "/connectors/workspace/packages-rest.php"] [unique_id "1fWFl1BScesAAH8YbFgAAAAK"]
Suffice it to say, I've had a bellyful of Revolution. It has cost me 2/3 days of work on my project. I'm afraid I'll be sticking with Evolution for now and only trying Revolution again with extreme caution as I just can't afford to waste time on problems like this.
I hope this helps someone! Or perhaps it will help the MODx dev team to solve the issues in a later version?
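Added example, not part of the original post: a small parser for ModSecurity entries in the Apache error log that groups blocks by rule id and URI, then renders a ModSecurity 2.x exclusion scoped to the affected URI instead of disabling the rule server-wide. The sample lines are constructed (the first two are shortened from the entries above, the third uses a made-up rule id and path), and the function names are this example's own.

```python
import re
from collections import Counter

# Constructed sample input: two shortened copies of the post's entries plus
# one made-up entry (rule id 900001, /example/other.php) to show grouping.
SAMPLE_LOG = """\
[Tue Aug 17 12:52:54 2010] [error] [client 192.0.2.10] ModSecurity: [file "/etc/httpd/modsecurity.d/10_asl_rules.conf"] [line "455"] [id "340162"] [msg "Atomicorp.com WAF Rules: Remote File Injection attempt in ARGS (AE)"] [severity "CRITICAL"] Access denied with code 412 (phase 2). [hostname "www.DOMAIN.com"] [uri "/connectors/workspace/packages-rest.php"]
[Tue Aug 17 13:10:32 2010] [error] [client 192.0.2.10] ModSecurity: [file "/etc/httpd/modsecurity.d/10_asl_rules.conf"] [line "455"] [id "340162"] [msg "Atomicorp.com WAF Rules: Remote File Injection attempt in ARGS (AE)"] [severity "CRITICAL"] Access denied with code 412 (phase 2). [hostname "www.DOMAIN.com"] [uri "/connectors/workspace/packages-rest.php"]
[Tue Aug 17 13:15:00 2010] [error] [client 192.0.2.10] ModSecurity: [id "900001"] [msg "Constructed sample rule"] Access denied with code 403 (phase 2). [hostname "www.DOMAIN.com"] [uri "/example/other.php"]
"""

FIELD = re.compile(r'\[(\w+) "((?:[^"\\]|\\.)*)"\]')   # [key "value"] pairs
ACTION = re.compile(r'Access denied with code (\d+) \(phase (\d)\)')

def parse_entry(line):
    """Return the ModSecurity fields of one error-log line, or None."""
    if "ModSecurity:" not in line:
        return None
    fields = dict(FIELD.findall(line.split("ModSecurity:", 1)[1]))
    action = ACTION.search(line)
    if action:
        fields["status"], fields["phase"] = action.groups()
    return fields

def summarise(log_text):
    """Count blocked requests per (rule id, uri, msg)."""
    hits = Counter()
    for line in log_text.splitlines():
        entry = parse_entry(line)
        if entry and "id" in entry and "uri" in entry:
            hits[(entry["id"], entry["uri"], entry.get("msg", ""))] += 1
    return hits

def scoped_exclusions(hits):
    """Render <Location> stanzas removing each rule only where it fired."""
    by_uri = {}
    for rule_id, uri, _msg in hits:
        by_uri.setdefault(uri, set()).add(rule_id)
    out = []
    for uri, ids in sorted(by_uri.items()):
        out += ['<Location "%s">' % uri,
                "    SecRuleRemoveById %s" % " ".join(sorted(ids)),
                "</Location>"]
    return "\n".join(out)

if __name__ == "__main__":
    print(scoped_exclusions(summarise(SAMPLE_LOG)))
```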