dcs0582

Okay, I figured out how to enable error logging from my hosting “control panel”, and here’s my buggaboo:

[Fri Feb 27 10:19:58 2009] [error] [client 15.203.233.204] mod_security: Access denied with code 403. Pattern match "((alter|create|drop):space:+(column|database|procedure|table)|delete:space:+from|update.+set.+=)" at POST_PAYLOAD [id "300015"][rev "1"] [msg "Generic SQL injection protection"] [severity "CRITICAL"] [hostname "oktroop479.org"] [uri "/wp-admin/post.php"] [unique_id "SagSrUJ06wEAAEou5w8"]

So I am getting jammed by mod_security. Problem is, when I try to disable it via .htaccess in the root of my website, that causes an error 500 just on page load. Why?

[Fri Feb 27 10:27:12 2009] [alert] [client 200.105.234.6] /hsphere/local/home/ap265880/oktroop479.org/.htaccess: SecFilterScanPOST not allowed here

I repeat my former analysis: IX Webhosting sucks.

Same problem here this morning. Driving me out of my flipping mind.

Also: IX Webhosting sucks.

Running with 2.7.1 here …

I tried adding this to the .htaccess file at the root of my site:

<IfModule mod_security.c>
SecFilterEngine Off
SecFilterScanPOST Off
</IfModule>

That caused my main page to no longer display, so I removed the four lines.

Next I tried changing the mode on /wp-admin/options.php to 774, but that didn’t cure the 403 error when trying to change general options.

From options-general.php, all in the world I’m trying to do is change my stupid timezone from UTC-4 to UTC-6. When I make the option change then click “Save Changes”, I get the frustrating “Error 403. Forbidden.” with /wp-admin/options.php as the URL. Very frustrating!

Is there some way to go in with phpMyAdmin and diddle some bits in the database to switch the timezone?