post.php: 412 Precondition failed (7 posts)

  1. firebadger
    Posted 9 years ago #

    Hi all,

    I seem to be having a problem writing about a block of output from my router's debug function; when I try to save, save and continue, or post the entry, I receive the error:

    Precondition Failed

    The precondition on the request for the URL /wp-admin/post.php evaluated to false.

    I have noticed this error comes up in a search of the forums, for other pages, but not post.php - and as it seems to be centred on a particular block of text - I thought it may be a creditable bug.

    That said, there is a .htaccess option to enable here, that I will try. But again, I'm not entirely sure it will be relevant to my problem.

    I've included a dump of what I'm trying to post in the pastebin, here.

    Thanks for any help in advance :)

  2. firebadger
    Posted 9 years ago #

    And to update: the fix described here does in fact work (just substitute the file name for 'post.php' obviously.)

    Still seems like a bug, but this is a good enough work-around (I hope). Anyone know what the .htaccess code actually does? :)

  3. whooami
    Posted 9 years ago #

    that does exactly what it says -- it disables mod_security when that specifically named file is accessed.

    And judging by what you are attempting to post, I'm going to hazard a guess that's the problem. Especially, if using that didnt produce an Apache 500 error - which would be the normal response to that being used if your server was not using mod_security.

    You might want to disable it completely for your admin area, and see if that helps. Note that you can re-enable it after you have posted if you like, or leave it, it doesnt matter.

    IF YOU DO NOT HAVE an .htaccess in your wp-admin/ directory:

    create a text file on your desktop:

    put the following inside it:

    <IfModule mod_security.c>
    SecFilterInheritance Off

    save the file. name it whatever you want

    Upload the file to your wp-admin directory.

    Rename the uploaded file to .htaccess (with the .)

    IF YOU DO HAVE an .htaccess in your wp-admin/ directory:

    Edit it, and add the following:

    <IfModule mod_security.c>
    SecFilterInheritance Off

    save the new .htaccess


    PS: it's not a bug, btw :)

  4. whooami
    Posted 9 years ago #

    and if you want to know what mod_security is:


  5. firebadger
    Posted 9 years ago #

    Thanks for the explanation, whooami. It's working with mod_security off on post.php, so I'll keep it turned on for the rest of it, at least for now.

    I know that what I was posting would a challenge for any script attempting to parse it - I know it'd cause me a few nightmares, but come now, isn't this what the code tags are meant for?

    I thought they were meant to escape anything within the pasted code/output.

    I still maintain that it's an inevitability which WordPress doesn't cope with, and gives a very ungraceful error - it is a bug. I won't be the last person to try and paste in Cisco router output and when met with the same error (which doesn't describe anything useful) I doubt I'll be the last person to find it frustrating.

  6. whooami
    Posted 9 years ago #

    Youre confusing apples with oranges..

    mod_security and wordpress have nothing to do with one another .. the code tags works exactly as they should, and what they do has no impact on mod_security.

    It isnt a bug -- because its not a wordpress issue as no amount of escaping (within reason) is going to circumvent what mod_security reacts to within a given http_post

    For instance, if mod_security doesnt allow for an http_post that contains the word ".htaccess" how might that be escaped in order to circumenvent m_s? (and that is a very real possibility on a good deal of default mod_security setups) And how would WP know to escape that word, if it even could?

    If you find mod_security to be more trouble than its worth disable site-wide and be done with it.

    Lastly, while there __have been__ a good deal of other issues ...


    ...that probably do need addressing as far as how wp triggers mod_security, WHY should wp developers concern themselves with learning the ins and outs of something such as m_s just so the word ".htaccess" can be posted? What about the next word, and the next, and the next.

    I use approximately 3-400 lines of mod_security specific code on my own site -- how many words/strings am I catching?

  7. firebadger
    Posted 9 years ago #

    Ok, I see what you're getting at now - I apologise.

    Thanks for the explanation :)

Topic Closed

This topic has been closed to new replies.

About this Topic