PHPJunkyard support forum


https://developers.phpjunkyard.com/

The word "cURL" crashes HESK !!!

https://developers.phpjunkyard.com/viewtopic.php?t=539

Page 1 of 1

The word "cURL" crashes HESK !!!

Posted: Tue Nov 29, 2005 5:18 am
by chris_j
Script URL: http://www.phpjunkyard.com/hesk/index.php?a=add
Version of script: latest
Version of PHP: latest
Hosting company: n/a
Have you searched THIS FORUM for your problem: yes
(if not please do before posting)
If so, what terms did you try:

Write your message below:

When we use the word "cURL" with a trailing blank space (just after the word "cURL" -- of course, without the quotes) in the body/subject of a ticket, we get an error "Forbidden" when submitting the ticket.

Please help.

PS: This PHPbb board also seems to have the same error. Try posting a msg with the above scenario and you'll see the same error!!!

Posted: Wed Nov 30, 2005 8:44 pm
by Klemen
Ha, strange. It doesn't actually crash Hesk but forbids posting, must be something with the server setup?

Posted: Wed Nov 30, 2005 9:11 pm
by chris_j
It seems to be happening with ALL the servers I tried on.
In fact, it also happens on YOUR demo server at http://www.phpjunkyard.com/hesk/index.php?a=add .
If you find the problematic setting, please let me know so that I can try it on my end.

Thanks for the help. :)

Posted: Mon Dec 05, 2005 6:40 am
by chris_j
So...any quick fix for this bug???

Posted: Mon Dec 05, 2005 7:07 pm
by Klemen
It's not really a Hesk bug, my guess is it has something to do with PHP/server setup. See this simple script, has the same error:
http://www.phpjunkyard.com/extras/curl_test.php

I haven't figured out what's wrong, will post here if I find out anything.

Posted: Mon Dec 05, 2005 10:38 pm
by Henrie
It could have something to do with the "CURL" library of PHP (see http://uk.php.net/manual/en/ref.curl.php)

The closest thing i have found to a solution is these posts http://www.vbulletin.com/forum/bugs.php ... bugid=4193 and http://www.vbulletin.com/forum/showthread.php?t=128963.

So it looks like mod_security is causing the problems.
The rules in mod_Security are probably to strict. Uninstall it or fixing the permissions properly will probably help.

Greetings,
Henrie

Posted: Mon Dec 05, 2005 11:19 pm
by Klemen
Thanks Henrie! I indeed run mod_security on this server, will have a closer look and/or contact the provider.

Posted: Mon Dec 05, 2005 11:32 pm
by Klemen
OK, got it:

It is indeed because of mod_security. To disable this check login to your server as root then find the mod_security.conf file and find this line (you will need to ask your host to do this if you don't have root access):

SecFilterSelective ARGS "curl(space)"

Just uncomment it:

# SecFilterSelective ARGS "curl(space)"

Restart server and it should allow posting "curl(space)" normally.


I have decided to leave it filtering on my server so it still doesn't work here, but feel free to disable it on your server.

P.S. : replace (space) with actual space

Regards,
All times are UTC
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited