Support » Plugin: Code Snippets » 404 Error after save

Viewing 13 replies - 16 through 28 (of 28 total)
  • @bungeshea – Your post inspired me to do further testing and, at least in my case (error 403 while saving the snippet) I can see exactly what code is causing the issue. As to why, I’ll look to you for that answerd and whether it’s related to what you’re saying above.

    If I create a completely empty snippet, it saves without error.
    If I create a snippet with one simple line, e.g., “$x = 1;”, it saves w/o error.
    If, however, I put “$_POST” anywhere in the snippet, such as a one-liner of “$_POST;”, I get the 403 error when saving. Same happens with $_GET and it happens even if I comment out the line, e.g., “//$_POST;”

    @elenaocone @retunes @gevcen – I’m curious if you see the same behavior.

    In addition to the testing in the previous post, I confirmed that creating a simple snippet with just “$_POST;” in it, fails on all my websites, including the ones where I thought I didn’t have the problem previously. As it turns out, it was because I wasn’t using $_POST in the snippet.

    Ok my Hosting Provider solved this Problem by whitelisting the mod_sec rule. Thanks for the Note @elenaocone @bungeshea

    So guys, what’s the conclusion?

    How to solve the problem???

    @gevcen
    Ask your Hosting Provider to Whitelist the mod_sec rule and maybe show them this Post.

    I’m hoping that @bungeshea will update this after reading my posts #16 & #17. The issue that I’m seeing, while whitelist mod_sec masks the problem, it still seems to me that there is a CodeSnippets-specific issue happening.

    @elenaocone @retunes @gevcen – I’m still curious if you see the same behavior in that there’s certain code that causes the error.

    Plugin Author Shea Bunge

    (@bungeshea)

    @rolevine unfortunately, I don’t think there is a lot I am able to do. Being able to write and submit code containing PHP tags and $_POST variables is expected behaviour when using the Code Snippets plugin. There are a lot of situations where it indicates a security hole, and that is what modsecurity is blocking, but in this case it should be considered a false positive.

    The best way to solve this may be to turn off the SecFilterScanPOST rule for the wp-admin/admin.php page.

    @bungeshea – Thanks for the follow-up. The last point I want to clarify is that up until a few months/weeks ago, there was no issue with saving scripts with $_POST in them. So at some point, and I wish I could help identify that point, the issue started to happen where it previously didn’t.

    Dear all,

    I have just tried again, and surprizingly now I’m not facing the issue anymore…
    That’s realy strange to me because I did nt apply the suggestion about the modsec.

    So for me the point is resolved. Anyone else still facing the issue?

    Kr

    @gevcen – on any one of my sites I can disable mod_sec, save a snippet successfully, then reenable mod_sec and fail with a 403 (not 404) every time. Though, as I’ve stated before, it’s because I have $_POST in my snippet.

    Hi there!
    I’ve just faced the same issue: I can’t save a snippet, the error 404 appears. One month ago everything worked just fine. Is it possible to do anything about it?

    Plugin Author Shea Bunge

    (@bungeshea)

    @zebra999 have you checked your server settings to see whether a security module is enabled?

    @bungeshea unfortunately I don´t have an access to Admin Panel to view server settings, but via Duplicator plugin I can see that “Safe Mode: Off” (PHP section). Does it mean that security module is disabled?

Viewing 13 replies - 16 through 28 (of 28 total)
  • The topic ‘404 Error after save’ is closed to new replies.