We build. You grow.

Get best community software here

Start a social network, a fan-site, an education project with oxwall - free opensource community software

Photo plugin failed to work [Solved] | Forum

Davide
Davide Jul 21 '14
Ok, thank You Ross... I'll try to speak with my provider about this.

Vadim I don't know how to see Plugin version, in the Update folder there is 6272 as last version.

However I think that's better to follow ross' instructions about this:)

Davide
Davide Jul 22 '14
It's not possible to disable mod_security on godaddy shared servers.

the only things that they can do are:

They can do something about the particular rule in the mod_sec that are causing this

If I send to them screenshot of that error with my ip they could lift it by mod_sec.

ross Team
ross Jul 22 '14
Which is why we do not recommend Godaddy. 
Davide
Davide Jul 23 '14
However with the Default plugin works good... :(
ross Team
ross Jul 23 '14
What do you mean? photo plugin is the default plugin. 
Davide
Davide Jul 23 '14
If I don't update Photo Plugin, default "version" it works fine.

My problem is after updated that with a newest version

ross Team
ross Jul 24 '14
in 1.6 we used flash upload now we use ajax and for some reason mod_security module on your server considers that as a threat to the server and block it, you will need to disable it or find another hosting provider. as I said earlier, Godaddy is not recommended hosting provider. 
Davide
Davide Jul 24 '14
Actually I'm using Oxwall version 1.7.0 (build 7906) and the Photo Plugin works good.

The problem is when I update that plugin, I think that Photo Plugin now, in 1.7 is using Flash Player too.

I could try to speak with Godaddy for this problem, I payed that host less then 1 month ago I can't change it now.

They said to me to explain that problem and they could fix it

Davide
Davide Jul 24 '14
If I upload photo creating new Album I can upload photo, in the other way I have that error.


POST http://venom.hph.photography/...=0.05988057656213641 406 (Not Acceptable) jquery.min.js:6x.support.cors.e.crossDomain.send jquery.min.js:6x.extend.ajax jquery.min.js:6loadComponent ow.js?53c967a07f639:361ajaxFloatBox ow.js?53c967a07f639:402window.addNewPhoto53d0b7f820b7b (index):1098(anonymous function) VM92:1

ross Team
ross Jul 24 '14
No, davide, latest version of photo plugin uses ajax for uploading photos. as I said mod_security can block this, as we do not provide instructions on the settings and how to configure this module, you need to disable module at all or ask your provider to do that for you. 
Davide
Davide Jul 24 '14
I tryied to explain my problem to Go Daddy support, when I get their answer I'll share with You.

If I keep old Plugin are there problems?

In the worst case default Photo Plugin on 1.7 works good, the problem is after update, because I think that it becomes Ajax based.

The strange thing is that works on "Album Upload mode".... also updated..

The Forum post is edited by Davide Jul 24 '14
ross Team
ross Jul 27 '14
I'm going to mark this post as Solved. As all who posted here have the same problem and solution is to disable Mod_security module. 
ross Team
ross Aug 25 '14
yes, Chirs you're right, as I noted in many posts related to this module it totally depends on it's settings, and it varies from server to server, however we do not provide instructions on server configuration which is why we ask to disable that module completely. Otherwise hosting provider support team should figure out which settings of the module cause this issue with the software. 
Akeem
Akeem Aug 25 '14
i am having the same issue as chris can anyone shed some light on this issue?
ross Team
ross Aug 25 '14
see my reply above
Kurt
Kurt Aug 31 '14

I have the same problem.

I asked my webhost to disable mod_security.

They said:

It's not recommended to disable the mod security rule as it will lead to security vulnerability and mysql injections.


I asked them to do it anyway.


I am new to oxwall, but I am curious. If it worked with mod_security enabled before version 1.7, what was changed in the programing that required this potential security vulnerability to be required, and was it worth it?



Wilson
Wilson Aug 31 '14

he Kurt,


I was doing some reading here...here's your answer from Ross


Quote from ross in 1.6 we used flash upload now we use ajax and for some reason mod_security module on your server considers that as a threat to the server and block it, you will need to disable it or find another hosting provider. as I said earlier, Godaddy is not recommended hosting provider. 
Wilson
The Forum post is edited by Wilson Aug 31 '14
Kurt
Kurt Aug 31 '14

Thanks Wilson

I still wonder what benefit the change was, and whether disabling mod_security poses any vulnerability risks to my website.

ross Team
ross Aug 31 '14
We asked to disable mod_security module completely, because we do not provide instructions on server configuration. However server techs should be able to disable some settings of the mod_security module in order to make the feature work on the website and still have the module ON. 
Kurt
Kurt Sep 1 '14

Thanks Ross

My host disabled mod_security and now photos and videos work fine.

I will have a conversation with them about disabling only some of the settings.

Pages: « 1 2 3 »