Log in | Register
  1. Forum
  3. Discontinued Products
  5. JFBConnect Joomla 2.5 Support (CLOSED)
  7. Error 406 - Access error

Topic-icon Error 406 - Access error

Active Subscriptions:

None
13 years 5 months ago #29521 by pvh
Error 406 - Access error was created by pvh
When I want to save an new custom object, I get an access error 406 returned from the server.
In another post it was established that mod_security would be responsible for that error.
On my test machine without mod_security everything works fine.

I have asked my provider to give me log information of my tests and you find that below.

Rgrds, Pieter

"Access denied with code 406 (phase 2). Pattern match "(?:\\b(?:(?:s(?:elect\\b(?:.{1,100}?\\b(?:(?:length|count|top)\\b.{1,100}?\\bfrom|from\\b.{1,100}?\\bwhere)|.*?\\b(?:d(?:ump\\b.*\\bfrom|ata_type)|(?:to_(?:numbe|cha)|inst)r))|p_(?:(?:addextendedpro|sqlexe)c|(?:oacreat|prepar)e|execute(?:sql)?|makewebt ..." at ARGS:Itemid. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "88"] [id "950001"] [msg "SQL Injection Attack"] [data "select 1 from(select count(*),concat((select username from jos_users where"] [severity "CRITICAL"] [tag "WEB_ATTACK/SQL_INJECTION"]"
The topic has been locked.
Support Specialist
13 years 5 months ago #29610 by alzander
Replied by alzander on topic Error 406 - Access error
Pieter,
Thanks for your patience. We setup a server with mod_security and tried to do some testing. Unfortunately, we can't get mod_security to trigger and deny our save. So, we'll need a little more information on your configuration and what your doing to try to narrow things down more.

In Joomla, can go to System Information and then PHP Information. Do a search for "mod_security". Let us know if you're using "mod_security" or "mod_security2". If look into your server configuration (or ask your host) for the exact version of mod_security in used.

Then, please let us know the exact settings you're trying to save in the Custom Object. We need to know every parameter configuration so we can try to test further, so please let us know them all.

Hopefully, that will help us recreate the problem and get you going.

Thanks,
Alex
The topic has been locked.
Active Subscriptions:

None
13 years 5 months ago #29636 by pvh
Replied by pvh on topic Error 406 - Access error
Alex,

Herewith the requested info:

The security module is: ModSecurity 2.x

The actions I do on Open Graph are:
- Open up the Open graph screen in the backend.
- Click on Objects
- Click on New
- Select in the objecr window the "Custom Object Type"
Filled in the parameters as in attached screenshot (fname=JFBC_screenshot.jpg)
In case the screenshot is not very clear, the used params are:

Changed Name to "Joomblog"
object type: news.reads
Url Query parameter: option=com.joomblog view=blogger

The rest of the params as per default.

Rgrds, Pieter
The topic has been locked.
  1. Forum
  3. Discontinued Products
  5. JFBConnect Joomla 2.5 Support (CLOSED)
  7. Error 406 - Access error
From the Blog
Facebook | Twitter | LinkedIn | Blog RSS