Agree that this is modsec being irritating and pointlessly annoying
Quote from: cottagestuff at May 20, 2018, 07:00 AM
Bob's suggestion of disabling ModSec only for the manager directory seems interesting. No way to do that in my shared hosting CPanels, but I have asked the hosting company if that is an option.
My hoster says this is impossible...they basically said you can't do that
BobRay, I deleted the info before but you have now heard of a modsec problem on one of the shared accounts of one of those approved hosters. Its quite possible that modsec recently jacked up the rules again.
cottagestuff thanks for your info, I myself can't find my list but its definitely getting longer and longer.
And I still believe the issue is a lot of text, I don't care about MIGX or TinyMCE, its all text as far as modsec is concerned. The extra could theoretically affect how modsec perceives the text but I sort of doubt it, because that sort of defies the whole point. If the extra could affect modsec's perception of the text then a virus or injection would learn to do so to avoid detection.
I could be way off here. You found the distinction was between resources using TinyMCE and those not, but that says to me, resources with text, and without. But afaik this is a text-based search looking for keywords, and the hoster chooses the keyword list I believe! So they ramp up some long list which probably protects no one but brings us trouble. And each of those rules are very simple, I guess, just this keyword or that, or number of times, or whatever. Even if their damn text-scanner times out it brings an error, their overly-sensitive scanner, then it times out, so you have to crank up the allotted time. To go through the text that I put there. So pointless.
I could be totally wrong here, I don't know, but the problem did seem to start right about the time I started loading up one page in particular with text.
Given where we are, I might just disable it. Its been an entire month of bs, entirely sick of it and not at all happy with my hoster.
[ed. note: nuan88 last edited this post 1 year ago.]