WordPress.org

Ready to get started?Download WordPress

Forums

Solve a 404 after "save changes" from options-permalink.php (12 posts)

  1. nDray
    Member
    Posted 5 years ago #

    I can't set permalinks in my blog because everytime (except when I choose ) I press "save changes" I get a 404 - Not Found.

    I believe this could be a .htaccess or general server problem.
    Here is some info about the server: http://bugflux.org/info.php
    It is a virtuozzo virtual server.

    Hit me with everything you've got. I have a few more days before reclaiming unsatisfaction with the service ^^

    Thanks in advance.

  2. nDray
    Member
    Posted 5 years ago #

    I now know that mod_security2 is causing this problem. Disabling it is not a solution.

    The module is blocking the POST:

    Mon Sep 08 16:34:57 2008] [error] [client 213.22.159.193] ModSecurity: Access denied with code 400 (phase 2). Pattern match "\\\\%(?!$|\\\\W|[0-9a-fA-F]{2}|u[0-9a-fA-F]{4})" at ARGS:selection. [id "950107"] [msg "URL Encoding Abuse Attack Attempt"] [severity "WARNING"] [hostname "bugflux.org"] [uri "/wp-admin/options-permalink.php"] [unique_id "KVUMRH8AAAEAAGwKyAoAAAAI"]

    I'd like to know if there's any workaround or solution for this as my host is not willing to disable it, and this should not happen anyways, I believe...

  3. alikhaliq
    Member
    Posted 5 years ago #

    I am having the same issue. I ve been trying to enable the xmlrpc posting option but everytime i click the save changes button the following error shows up:

    Not Acceptable

    An appropriate representation of the requested resource /blog/wp-admin/options.php could not be found on this server.

    Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.

    Can somebody please help me with this issue?

  4. ianmckendrick
    Member
    Posted 5 years ago #

    I'm having the same problem too.
    When attempting to upload any images, or change any plugin parameters I get the following error:

    Bad Request
    Your browser sent a request that this server could not understand.
    Client sent malformed Host header

    After examining my logs I found the following entry:
    [Sun Dec 21 18:20:40 2008] [error] [client 84.12.106.26] ModSecurity: Access denied with code 400 (phase 2). Pattern match "\\\\%(?!$|\\\\W|[0-9a-fA-F]{2}|u[0-9a-fA-F]{4})" at ARGS:aktt_digest_title. [id "950107"] [msg "URL Encoding Abuse Attack Attempt"] [severity "WARNING"] [hostname "ianmckendrick.com"] [uri "/wp-admin/options-general.php"] [unique_id "mYKe0H8AAAEAACegG2IAAAAB"]

    Does anyone know how to overcome this please?

  5. nDray
    Member
    Posted 5 years ago #

    "I" did manage to solve the problem...

    I left the CMS alone for a while then, a few days later, I came back and saw that there was a newer wordpress version... I upgraded my instalation and the problem was gone.

    I don't know if the solution was the upgrade or something happened in my server... I did talk to them about the issue, maybe they did something... Try to figure what's going on with your host providers...

  6. webmystery
    Member
    Posted 5 years ago #

    I'm getting a 500 after attempting to add a text widget. My host error log shows this:
    ModSecurity: Access denied with code 500 (phase 2). Pattern match "<:space:*(script|about|applet|activex|chrome)*>.*(script|about|applet|activex|chrome):space:*>" at REQUEST_BODY. [file "/etc/httpd/conf.d/modsec.rules.conf"] [line "318"] [hostname "www.webmystery.net"] [uri "/bloomarts/wp-admin/widgets.php"] [unique_id "d0g@N0ggOZwAACvgM6YAAAAG"]

    Maybe something to do with a DNS redirect??

    I still get the same error after upgrading to 2.7
    I would suspect my host of implementing some new security protocol, but I've got other WP sites on the same server that aren't having this problem.

    It is very discouraging to come on this forum looking for answeres and find posts describing real and serious problems that haven't been answered for months. (sigh)

  7. iridiax
    Member
    Posted 5 years ago #

    Your web host may be able to help you with this, but also see:

    http://wordpress.org/search/mod_security?forums=1

  8. webmystery, you may want to make a new post (as yours is a 500 error and this post is a 404). But.

    Based on http://wordpress.org/support/topic/226052?replies=2 I think you need to add the following to .htaccess

    <IfModule mod_security.c>
      SecFilterEngine Off
    </IfModule>

    There's a list of mod_security posts here: http://wordpress.org/tags/mod_security

  9. webmystery
    Member
    Posted 5 years ago #

    Thanks, all

    I've tried the .htaccess suggestion above, and some variations I found since in the other posts - no luck.

    I'll ask my allegedly wordpress friendly webhost if they have a suggestion. still really weird that this happens on only one of my wp sites with that host. I tried a clean install and a vanilla template with the same results.

    I was getting a 404 error before I upgraded to 2.7, the only change is that it is now returning a 500 error

  10. webmystery
    Member
    Posted 5 years ago #

    My host fixed it, and fast (laughingSquid.net)! ! Don't even bother with the htaccess stuff if you have a responsive host.

  11. How did they fix it?

  12. webmystery
    Member
    Posted 5 years ago #

    "I've whitelisted the modsecurity rule catching this, please give it a try now and let me know if you're still running into problems."

Topic Closed

This topic has been closed to new replies.

About this Topic