#34920 closed defect (bug) (invalid)
Failing to save post if this specific code snippet is in it
Reported by: |
|
Owned by: | |
---|---|---|---|
Milestone: | Priority: | normal | |
Severity: | normal | Version: | 4.4 |
Component: | General | Keywords: | |
Focuses: | Cc: |
Description
For the last week I was unable to post on my site http://icodethings.info, every time I hit save draft or publish, the "wp-admin/post.php" page just said "page not found", and wouldn't save the post.
I thought it might have been a temporary issue with my x10 host, so I waited a couple days and tried again, same issue. After much debugging, disabling plugins, changing themes, etc, I realized the issue was only with that one post, or more specifically, with one port of that post I was trying to save.
I had saved the part of the post that wasn't saving on wordpress, in an OpenOffice document to preserve formatting so I could add it into the post when my site was working again, now I found out that this piece of code in the post was causing the issue:
int main() { SetupOLED(); while (1) { DrawOLED(); } return 0; }
If I remove that code snippet, or more specifically, the main(){} part, then I'm able to update my post fine.
I'm guessing something either isn't being escaped correctly, or there is some kind of php injection happening here.
Change History (9)
#2
follow-up:
↓ 5
@
9 years ago
- Keywords close added
- Resolution set to invalid
- Severity changed from blocker to normal
- Status changed from new to closed
#4
@
9 years ago
- Summary changed from Failing to save post if this sepcific code snippit is in it to Failing to save post if this specific code snippet is in it
#5
in reply to:
↑ 2
@
9 years ago
Replying to Ipstenu:
This doesn't happen on a localhost install but I can reproduce it on my site running mod_security. This is exactly the sort of error that happens when you have mod_sec running and it sees something it doesn't like :(
So is there a solution? I'm assuming so since you marked it as closed.
#6
follow-up:
↓ 7
@
9 years ago
You'd have to read your server logs to see why your system did it. It's probably mod_sec related but not 100% sure since other similar products do similar things. Start by digging into error logs. They should have something related to that post. Mod_sec will tell you which of it's rules were triggered and you can go from there.
#7
in reply to:
↑ 6
@
9 years ago
Replying to Ipstenu:
You'd have to read your server logs to see why your system did it. It's probably mod_sec related but not 100% sure since other similar products do similar things. Start by digging into error logs. They should have something related to that post. Mod_sec will tell you which of it's rules were triggered and you can go from there.
I don't have any access to any of the log files, wish I did, my site is running from a x10hosting fre server. Also I don't quite understand how this could be system related, do you have a link you could point me to with more information as to how this could be caused by the system?
#8
follow-up:
↓ 9
@
9 years ago
You can read http://hameedullah.com/whitelisting-wordpress-admin-wp-admin-in-mod_security-to-avoid-404-on-post-save-or-post-preview.html for a more detailed explanation. You can just google "modsecurity 404" and you'll see this happens a lot, and it's not just WordPress.
Since you're on an x10hosting and can't debug the server, there's nothing we can really do. It's not a core issue. If you want to post for support in the forums, go https://wordpress.org/support/forum/how-to-and-troubleshooting#postform :)
That said, since you literally cannot debug, you may just be stuck.
#9
in reply to:
↑ 8
@
9 years ago
Replying to Ipstenu:
You can read http://hameedullah.com/whitelisting-wordpress-admin-wp-admin-in-mod_security-to-avoid-404-on-post-save-or-post-preview.html for a more detailed explanation. You can just google "modsecurity 404" and you'll see this happens a lot, and it's not just WordPress.
Since you're on an x10hosting and can't debug the server, there's nothing we can really do. It's not a core issue. If you want to post for support in the forums, go https://wordpress.org/support/forum/how-to-and-troubleshooting#postform :)
That said, since you literally cannot debug, you may just be stuck.
Ok, thanks for your time and help ;) I'll try to figure out what to do about this, I might just end up switching to some paid hosting that has log access.
This doesn't happen on a localhost install but I can reproduce it on my site running mod_security. This is exactly the sort of error that happens when you have mod_sec running and it sees something it doesn't like :(