I was hoping to hear from users on Hostgator servers about a major problem I discovered yesterday when I attempted to update the YARPP plugin using the One Click Plugin Updater.
The server apparently has a security exception which locks you out of your site for some period of time if you try to use One Click to install the upgraded plugin.
This is the explanation I was provided:
The reason this security rule is in effect is because it requires the script to download a file of its own accord, scripts allowed to download files on without checks have been known to download malicious material to our servers before, and have taken them down
I've been having great difficulty getting Hostgator to fix the problem though they say they have.
Has anyone else using Hostgator had this problem?
Here is the error in my log:
Wed Jun 08 03:27:26 2011] [error] [client 223.204.134.118] ModSecurity: Access denied with code 403 (phase 2). Match of "rx (/wp-content/plugins/one-click-plugin-updater)|(www/delivery/ajs.php)|(www/admin/dashboard.php)|(/wp-content/(themes|uploads)(?:/(\\\\w+))*/(tim)?thumb.php|/pl/download\\\\?file=http|/index\\\\.php/admin/system_config/save/section/payment/|^/b/ss/mxmacromedi ..." against "REQUEST_FILENAME" required. [file "/opt/mod_security/hg_rules.conf"] [line "91"] [id "1234234"] [msg "JITP:1234234-RFI-REQUEST_FILENAME=cheapestlaptop.cheapandworth.com"] [hostname "www.richardsilverstein.com"] [uri "/tikun_olam/"] [unique_id "Te8ybkMSE@IAAGKbHmIAAABH"]
