Can't upload images in KCFinder in 1.0.15 / 403 Forbidden

So I have installed a fresh copy of modx, added a quick thumbnail to the minimal template that comes with the install and I still get the exact same thing. Unfortunately I don't know how to troubleshoot my server from here.

Server error logs show nothing at all. Right after the file finishes uploading this is what my network tab in my developer tools is showing as a 403: /manager/media/browser/mcpuk/browse.php?type=images&lng=en&act=upload

I can visit /manager/media/browser/mcpuk/browse.php just fine in a browser.

not sure if I'm right but you are working on hosting without a domain?
108.60.22.8/~jrjoseph/

as far as I know .htaccess doesn't work.
after added a domainname pointing to the hosting the problems where gone.

did you try to use your hosts file?
on windows7: windows / system32 / drivers / etc / hosts

edit with a texteditor and add:
108.60.22.8 www.somedomainname.com
108.60.22.8 somedomainname.com

then after going to www.somedomain.com you could try and see if that works (reset file paths)

I'm not sure if it helps but trying could not harm?

Quote from: fourroses666 at Feb 04, 2015, 10:30 AM

not sure if I'm right but you are working on hosting without a domain?
108.60.22.8/~jrjoseph/

Thanks for the reply. I originally was just using the IP but have since modified my host file and have been working with the site on the actual domain for the past couple of weeks.

You could try and ask your hostingprovider for possible errors.
Maybe some serversetting and kcfinder having a "fight".

prolly won't be a CHMOD 755/777 problem would it?

Maybe this issue is listed somewhere on github
https://github.com/sunhater/kcfinder/issues

Last option could be moving to other host.
Downgrading Evo to 1.0.10 wouldn't be safe.

I have no other possible solutions sorry.

I've tried CHMOD settings, but I will try and change them again just to make sure I did not miss anything. I've already talked to the hosting company and they care claiming nothing is wrong on their end, I plan on calling one more time to see if another person might be of more help. Next step after that will be to change hosting companies. I've already notified the client that this may need to happen.

Like AMDBuilder mentioned already it sounds like a ModSecurity issue and every thing you describe is exactly what I've experienced before right after an upgrade to 1.0.15: http://forums.modx.com/thread/95047/evo-1-0-15-kcfinder-problem#dis-post-515491 . In my case, this never shows up in the normal error log and I can only find reference to this in our VPS's ModSecurity log when I log in to WHM.

I am not sure if it is a cPanel environment (a quick Google search leads me to believe at least some accounts are) but in later versions of WHM/cPanel and in our config there is a link for ModSecurity that gives you an option to turn this off on a per domain basis. This may not be the case for all setups. I wouldn't leave it off, but if you have this option it could be worth turning it off temporarily to see if this fixes your issue. If you can do this and it does fix it for you they should be willing to whitelist/adjust the rules to let the file through.

Good luck, hopefully you don't have to switch hosts.

Maybe I am missing something but I am not seeing anything about mod_security on my phpinfo screen: http://108.60.22.8/~jrjoseph/phpinfo.php

Phpinfo doesn't report it in my case either. It does show up in my cPanel configuration but I do not believe that is an universal configuration: http://note.io/1zANYP2 . In the past, before our cPanel was updated to include this option, the only way I could do this is either have a VPS and access WHM or submit a support ticket about a mod_sec rule along with my IP address so the administrator could track down the specific rule that is being blocked. In all cases the only indication that the rule was working is in the ModSecurtiy log. In the browser this always just returned forbidden when it matched a particular pattern that I assume was interpreted as a potential attack.

I am far from an expert in these things it's just your symptoms exactly match my past experiences. If you passed along your IP address and asked your host if that is being blocked by ModSecurity or similar and they insist that it is not then I guess it is something else.

You probably need to have access to WHM to view this log, but here is a sample of the only indication this was happening in my case: http://note.io/18NQZTj [ed. note: dustinwalker last edited this post 9 years, 3 months ago.]