Hello,
I've added a Free text field to a form and when I push the "Editor" button in this fields settings I get this error message:
Not Acceptable
An appropriate representation of the requested resource /administrator/index.php could not be found on this server. Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.
I do have Admin tools installed on this site, but I've turned of the plugin and this error still is prevailent.
Hi,
as you deactivated admin tools I presume this msut be some protection system on your server, I can't replicate this on my test site.
Hm, okay. Maybe it's controlled by .htaccess file?
I've got to solve it somehow, and will post back if I'm successful. I guess I'm not the only one using admin tools.
I removed .htaccess, unplugged admin tools and find this in my errorlog:
[Thu Dec 18 22:15:13 2014] [error] [client 109.247.60.149] File does not exist: /home/grundev/public_html/406.shtml, referer: http://****/administrator/index.php?option=com_cck&view=field&tmpl=component&layout=edit
I also got this from mod_security:
[Thu Dec 18 22:20:19 2014] [error] [client 109.247.****] ModSecurity: Access denied with code 406 (phase 2). Pattern match "\\\\%(?![0-9a-fA-F]{2}|u[0-9a-fA-F]{4})" at ARGS:params. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "18"] [id "950107"] [msg "URL Encoding Abuse Attack Attempt"] [severity "WARNING"] [hostname "*****.no"] [uri "/administrator/index.php"] [unique_id "VJNTI9RxjV0AAEYiW64AAAAR"]
As you found out htis is mod_security that is blocking your request, you will need to ask your hosting provider to make an exception in the rules.
Yes, I got them to add an whitelist for that rule.
BTW, is this an item for the tracker? Mod_security is kind of important to have up and running, isn't it?