<![CDATA[ upgrading and mod_security - MODX Community Forums]]> https://forums.modx.com/thread/?thread=105000 <![CDATA[upgrading and mod_security]]> https://forums.modx.com/thread/105000/upgrading-and-mod-security#dis-post-564561
So my question is: Does a higher version will have the same problem with mod_security? Will a manual upgrade under this hosting environment solve my problem?]]>
spica8 Mar 23, 2019, 01:10 PM https://forums.modx.com/thread/105000/upgrading-and-mod-security#dis-post-564561
<![CDATA[Re: upgrading and mod_security]]> https://forums.modx.com/thread/105000/upgrading-and-mod-security#dis-post-564609
View the Manager with Chrome or Firefox and get ready to save a chunk.

Turn on Dev. Tools (Ctrl-shift-i) and watch the network tab.

Click on the "Save Button"

On the left side of the dev. tools window, you should see a call to index.php near the top. When you hover over it, you should see yoursit.com/connectors/index.php. Click on that line.

Just above the grid, you should see some tabs. Headers, Preview, Response.

The Headers tab will show you what got sent to the connector if you scroll all the way down. It will look something like this:

propdata: [{"name":"placeholder1","desc":"","xtype":"textfield" . . .

The Response tab will show you what came back from the processor. If things went well, it will look something like this:

{"success":true,"message":"","total":0,"data":[],"object":{"id":337,"name":"Test","description":"","locked":false,"category":0,"snippet":" ...

If something went wrong, it will often show a messy block of HTML containing an error message. If you paste that into a resource and view it, you'll see a nicely formatted error message with a stack trace that might help explain what's happening.]]>
BobRay Mar 26, 2019, 04:33 PM https://forums.modx.com/thread/105000/upgrading-and-mod-security#dis-post-564609
<![CDATA[Re: upgrading and mod_security]]> https://forums.modx.com/thread/105000/upgrading-and-mod-security#dis-post-564605 Quote from: BobRay at Mar 25, 2019, 05:44 PM
Can you save templates, plugins, and resources?

Only snippets & chunks not.]]>
spica8 Mar 26, 2019, 09:45 AM https://forums.modx.com/thread/105000/upgrading-and-mod-security#dis-post-564605
<![CDATA[Re: upgrading and mod_security]]> https://forums.modx.com/thread/105000/upgrading-and-mod-security#dis-post-564591 BobRay Mar 25, 2019, 05:44 PM https://forums.modx.com/thread/105000/upgrading-and-mod-security#dis-post-564591 <![CDATA[Re: upgrading and mod_security]]> https://forums.modx.com/thread/105000/upgrading-and-mod-security#dis-post-564588
Cant save a blank chunk. Endless saving dialog.

In the log
 [2019-03-25 16:47:08] (ERROR @ /index.php) [OnWebPageInit]1
[2019-03-25 16:47:08] (ERROR @ /index.php) [OnWebPageInit]1
[2019-03-25 16:47:18] (ERROR @ /secretmanager/index.php) [OnManagerPageInit]1
[2019-03-25 16:47:18] (ERROR @ /secretmanager/index.php) [OnBeforeManagerPageInit]1
spica8 Mar 25, 2019, 03:56 PM https://forums.modx.com/thread/105000/upgrading-and-mod-security#dis-post-564588
<![CDATA[Re: upgrading and mod_security]]> https://forums.modx.com/thread/105000/upgrading-and-mod-security#dis-post-564582
While mod_security is almost always the cause of your problem, there are a few other things you could check. A plugin that is attached to one of the system events that fire when a chunk or snippet is saved could be causing trouble. Disabling all plugins by right-clicking on them in the Elements tree, then manually deleting all files in the core/cache directory before testing would tell you if a plugin is the problem.

You could also have a MODX permission problem (though usually that will trigger an "Access Denied" message). Make yourself (temporarily) a sudo user. Flush permissions and log out all users, then log back in. If this solves the problem, it's a MODX permission issue.

Some people have reported saving problems when there is a mismatch between the MODX date_timezone System Setting and the corresponding settings for the server and PHP.

All that said, if you trigger the problem a bunch of times and note the time, your host should be able to look at the mod_security log and see which, if any, rules were violated during that time period. If your host isn't willing to do that, they're a crappy host, and you should move the site to a host that's more supportive.

BobRay Mar 25, 2019, 02:51 PM https://forums.modx.com/thread/105000/upgrading-and-mod-security#dis-post-564582
<![CDATA[Re: upgrading and mod_security]]> https://forums.modx.com/thread/105000/upgrading-and-mod-security#dis-post-564575
But before I go into that conversation I would like to exclude any other reasons, that could lead to the error messeage. But I have no idea, if theres anything else, that could prohibit the system to write chunks or snippets. So any idea would be appreciated.

Maybe its somthing else, as I have been able to install and work with the system some time ago. And I have another installation at this hoster (but on another machine?) that is running without problems.]]>
spica8 Mar 25, 2019, 08:24 AM https://forums.modx.com/thread/105000/upgrading-and-mod-security#dis-post-564575
<![CDATA[Re: upgrading and mod_security]]> https://forums.modx.com/thread/105000/upgrading-and-mod-security#dis-post-564572
it will be based at least in part on the actual contents of the site, so its reasonable that not every site triggers mod_sec

for me, my site had pages that were very text-heavy, and these triggered mod_sec. having a page with, for example, 'casino' appearing 5 times was ok, 8 was not. there are many other rules that use subtle ways to look for viruses and other dangers.

one possible solution is for the hoster to simply remove mod_sec on the manager folder only. This is an internal folder with multiple safeguards already, and doing so has no effect on security. it is during internal actions (you as an admin creating snippets) that the rules are triggered.

I had to go through a whole process of triggering rules and having them relaxed, it was tough.]]>
nuan88 Mar 24, 2019, 10:17 PM https://forums.modx.com/thread/105000/upgrading-and-mod-security#dis-post-564572
<![CDATA[Re: upgrading and mod_security]]> https://forums.modx.com/thread/105000/upgrading-and-mod-security#dis-post-564568
Reinstalling updatemodx gives one strange line:
Error saving vehicle object of class modChunk; criteria: Array ( [name] => UpgradeMODXTpl ) 
Error saving vehicle object of class modSnippet; criteria: Array ( [name] => UpgradeMODXWidget ) 
Could not install related objects with locally owned keys for vehicle object of class modCategory; criteria: Array ( [category] => UpgradeMODX ) 
spica8 Mar 24, 2019, 11:53 AM https://forums.modx.com/thread/105000/upgrading-and-mod-security#dis-post-564568
<![CDATA[Re: upgrading and mod_security]]> https://forums.modx.com/thread/105000/upgrading-and-mod-security#dis-post-564565
FWIW: https://bobsguides.com/modx-friendly-hosts.html

No users I know of have reported any mod_security issues at any of the hosts on the list.]]>
BobRay Mar 24, 2019, 05:01 AM https://forums.modx.com/thread/105000/upgrading-and-mod-security#dis-post-564565