PLEASE NOTE: These forums are no longer utilized and are provided as an archive for informational purposes only. All support issues will be handled via email using our support ticket system. For more detailed information on this change, please see this blog post.

Error saving in the entry section if there is a link (http://) + mod_security

  1. Hello (first, sorry for my poor english)

    When I try to modify any entries in my latest form I get an error 404. After few hours I have pinpoint 2 hint to help me resolve the bug but I cant go further with my knowledge :

    The first hint is quite simple : when I save a form with the following string "http://" the form send me to a 404 error and dosent save the form.

    The second hint came from my web host. I got blacklisted twice from his servers. After investigations we found out it was me who trigger the error each time I saved the entries.
    Here is the mod security log :

    URL:
    /wp-admin/admin.php?page=gf_entries&view=entry&id=8&lid=235&filter=&paged=2&pos=28 HTTP/1.1

    Message:
    Access denied with code 403 (phase 2). Match of "rx ://%{SERVER_NAME}/" against "ARGS:input_4" required. [file "/usr/local/apache/conf/modsec/10_asl_rules.conf"] [line "1216"] [id "340464"] [rev "54"] [msg "Atomicorp.com UNSUPPORTED DELAYED Rules: Remote File Injection attempt in ARGS (admin.php)"] [severity "CRITICAL"]

    As a quick fix I removed all the "http://" string in the form but it could be nice to get a good fix.

    By entries I mean the messages

    Posted 7 years ago on Monday February 25, 2013 | Permalink
  2. Your host needs to relax their mod_security rules to allow this normal form submission through. We've discussed this very topic a few times before: http://www.gravityhelp.com/forums/tags/10_asl_rulesconf

    Please contact your host.

    Posted 7 years ago on Tuesday February 26, 2013 | Permalink
  3. Any hint on what to change on the server specificly? My host is really strict on security and wont just lower security in general....

    Posted 7 years ago on Tuesday February 26, 2013 | Permalink
  4. I'm afraid I am not familiar with the configuration of those mod_security rules. You can show them the error and have them allow that specific request through. It's a normal Gravity Forms function which is being prevented by the mod_security rules.

    Posted 7 years ago on Saturday March 2, 2013 | Permalink