Answered Can download, but not install add-ons

The only way to deal with it is to ask your host to check the mod_security logs at the time you experienced the errors. If the host is responsive, they'll check and be willing to turn off the mod_security rules that are causing the problem (assuming that that's the problem).

Just to make this thread more complete, I'd note that I am also experiencing a failure to install any package.

What I've checked, per this thread:

1. is mod_security running? no
2. disable compress_js and compress_css, for manager. No change.

Symptoms: this is almost certainly caused by the borked Articles install that I had to strip out bit by bit, since everything was working fine until I tried removing that.

the server is running Apache 2.4.26, php version: 5.6.30, on Ubuntu 12.04.

Of further interest is that my dev machine had the same issue, but after trying various ways to strip out the broken Articles packaging, that system now works, which is disturbing.

The live site has a few differences, one of which is running through cloudflare, the other that it is SSL, https, whereas my local machine doesn't use ssl.

Other than that, I've never experienced any meaningful differences between the two systems, until this latest issue.

I discovered this by the way when trying to install Bob's CacheMaster plugin, which is installed and working fine on my local system, but not where it's needed on the live modx site.

Let me toss out a few more ideas.

I once had to uninstall Articles and spent quite a bit of time searching the DB for references to quip, archivist, and some of the other packages that are installed automatically with Articles but that were imperfectly removed, so you may not have excised all of them.

Package Installs involving upgrades archive the older versions. I think all the writing is to core/packages, but I'm not sure. There could be an issue with the permissions or ownership of the core/packages directory.

There is also a known issue with the MODX version of TinyMCE. I've seen some reports from people with similar problems that were fixed by uninstalling TinyMCE.

One more thing to try is to fire up Firebug or Chrome Dev. Tools (Ctrl-shift-i) and watch the network tab when you try to install a package. Usually, you won't see the AJAX request to the processors, but you can see the calls to the connector that calls them. If you click on a line, you can drill down with the tabs on the right to see the processor request and the response. If you're lucky, the response will contain (in ugly HTML) an error message that might provide a clue.

These are long shots, but since nothing else has worked:

Yet another thing to try would be to disable all plugins and manually delete the core/cache files just before installing an extra.

I also had one site where it helped to reload the Manager page after downloading a package before installing it. I never figured out why.

Thanks Bob. Your ajax plus removing tinymce ideas were good guesses. The issue is not corrected, but by removing tinymce for some reason I started getting console debugging data when clicking the Install button, which then shows in chrome developer tools the connectors/index.php returning an inexplicable 403 forbidden code. I'll dig into this a bit more.

Note that the modx-core/packages seems to have the right permissions, and contains the xxxx.transport.zip downloads from a test package, which means that is being written to as expected. Actually, taking a closer look, I noticed that lazytable, the test package I'm using to debug, did in fact extract and create its directory in 'modx-core/packages'. However, it did not create that directory, or move it, not sure how it works, in 'modx-core/components'.

This gets me a lot further (anonymized slightly):


On the working dev server, this returns 200, but on the borking live site server, it returns 403. I'll check the server itself to see if anything could be catching some other rule. [ed. note: lizardx last edited this post 6 years, 9 months ago.]

This was enough to debug the issue, which is NOT a problem with modx, the problem was that the specific url used to trigger the next step of the install process contained %2 character, which I had a security rule against in urls, not remembering that is a totally valid component of some query strings, such as the one above. While leaving me a touch red faced, I hope that the various suggestions bob made above help someone else fix their issues. Don't forget to donate to bob now and then, he helps a lot of people on these forums. https://bobsguides.com/ [ed. note: lizardx last edited this post 6 years, 9 months ago.]