Dave
Staff
/ Moderator
Jan 18, 2012, 8:08 PM
Post #2 of 3
(447 views)
Shortcut
|
Hi Benedict,
It looks like your host is running an optional web server module called "mod_security" (http://www.modsecurity.org/). We've seen a lot of false error reports from mod_security in the past, so we try to disable it by default in /cmsAdmin/.htaccess, but that only works for hosts that check for .htaccess files.
A bit of google'ing suggests that this particular error is due to a bug in the way flash works and problem with mod_security accidentally reporting it as an attack.
Here's some other products and vendors with the same problem:
Drupal: http://drupal.org/node/473520
Wordpress: http://core.trac.wordpress.org/ticket/6278
Fancy Upload (search for 403): http://digitarald.de/project/fancyupload/
SWFUpload (search for Apache): http://demo.swfupload.org/Documentation/#knownissues
Uploadify (we use this one): http://www.uploadify.com/forums/discussion/6282/uploadify-script-does-not-work-with-mod_security-enabled/p1
And it looks like mod_security is working on fixing it:
https://www.modsecurity.org/tracker/browse/MODSEC-21
I'd try asking your host to disable mod_security, or upgrading it to not report that invalid error. Or just disable the flash uploader under: Admin > General.
Hope that helps!
Dave Edis - Senior Developer
interactivetools.com
|
