HostGator (Apache 2) mod_security rule

[GoogleCodeExporter]

The script isn't working on HostGator without them changing a setting
server side. Here is reply from HostGator:

"It looks like this script was being blocked by a mod_security rule. I have
disabled this rule for this domain, and the site appears to be working now.
Please check around the site and let us know if you see any other problems."

We get a lot of clients on HostGator, and they get a 404 page in WP if they
try the thumb.php image url.

Could there be a possible tweak for this?

Original issue reported on code.google.com by magnusje...@gmail.com on 31 Oct 2008 at 10:31

[GoogleCodeExporter]

Yes, I would appreciate an update on this as well. 

Original comment by misscof...@gmail.com on 20 Nov 2008 at 5:43

[GoogleCodeExporter]

poor web hosting, even I have relleser there, they don't want to solve this 
matter.

Original comment by indolu...@gmail.com on 27 Nov 2008 at 6:22

[GoogleCodeExporter]

I'm using Lypha Hosting. but this script doesnt work there aswell. :S

Original comment by waqasl...@gmail.com on 29 Nov 2008 at 9:52

[GoogleCodeExporter]

Does anyone have a link to a website where this happens?

I've not seen the problem so would need ftp access to an account using it so 
that I 
can try to work out a fix.

If anyone wants me to look then make a support request here - 
http://binarymoon.mojohelpdesk.com/tech - with your ftp details and I will take 
a 
look

Original comment by BinaryMoon on 9 Jan 2009 at 8:45

• Changed state: Accepted

[GoogleCodeExporter]

i cant use it at http://www.platech.com.tr/tr/bolumler/urunlerimiz

but i can use http://www.erkangenc.com/tr/bolumler/urunlerimiz

both are have same code but different servers.

Original comment by erkang...@gmail.com on 21 Feb 2009 at 9:24

[GoogleCodeExporter]

Have we gotten a fix for this yet?

Can you even tell me what I need to tell hostgator so they get this fixed? 
because I 
just had them whitelist the mod_sec on my domain and it didn't help.

Original comment by btreece...@gmail.com on 12 Mar 2009 at 6:37

[GoogleCodeExporter]

can someone try the latest version of the files? I still haven't been given 
access to
a server that is having this problem so I have no idea if it's fixed or not but 
I've
made changes recently which may help.

Original comment by BinaryMoon on 14 Mar 2009 at 9:45

[GoogleCodeExporter]

Hi,

I tried this using version 1.07 on my HG server and it doesn't work.

Original comment by david%ou...@gtempaccount.com on 23 Mar 2009 at 2:18

[GoogleCodeExporter]

Hi,

I tried version 1.07 in HostGator, the first time with this usage:
[...]/thumb.php?src=http://www.-.com/wp/wp-content/[...]  and it didn't work.

So i contacted HG support and then replied with:

"I have whitelisted mod security rules causing this issue. Please let us know 
if you
continue to have issues with thumbnails on wordpress."

I tried again but it didn't work, so I tried modifiying the path without the 
domain
this way:  [...]/thumb.php?src=/wp/wp-content/[...]  and it works on hostgator.

timthumb.php was renamed to thumb.php.

Original comment by manu.esc...@gmail.com on 4 Apr 2009 at 2:51

[GoogleCodeExporter]

Hi Manu

Can you please tell me where you changed the path information without domain 
details?
 I have host gator and have been working on this issue for about a week without
resolution.

Any assistance apprecaited

Ian Kelly

Original comment by ian_j_ke...@yahoo.com.au on 7 Apr 2009 at 2:19

[GoogleCodeExporter]

I'm also using Host Gator and I'm looking for a solution, could you please say 
Manu
where did you modify the settings?

Original comment by matheuss...@gmail.com on 7 Apr 2009 at 6:46

[GoogleCodeExporter]

Hi All

I got the following response overnight from Host Gator, it has fixed the 
problem for
me, but does not assist for any future installs / theme updates.  If anyone more
technical then i could explain what the may have done that would be apprecaited

-------------------------
"Hello,

There was a problem with your initial theme install ontop of the mod_sec rules.
Permissions were set wrong which i have changed and the rules that were 
blocking your
theme have since been whitelisted. Thank you for your patience in this matter."
-------------------------

Regards

Ian

Original comment by ian_j_ke...@yahoo.com.au on 7 Apr 2009 at 10:31

[GoogleCodeExporter]

Hi,

Host Gator have been very good and responsive, basically for each site, simply 
ask
them through support to complete the following

add following rules [ 1234234,340151 ] to mod_security for www.yourwebsite.com
Please whitelist for the domain

And you'll be sorted

Regards

Ian

Original comment by ian_j_ke...@yahoo.com.au on 8 Apr 2009 at 2:35

[GoogleCodeExporter]

quot: [Hi,

Host Gator have been very good and responsive, basically for each site, simply 
ask
them through support to complete the following

add following rules [ 1234234,340151 ] to mod_security for www.yourwebsite.com
Please whitelist for the domain

And you'll be sorted

Regards

Ian
]

Hi there,

I had the exact same problem with a free theme from WooThemes and contacted 
HostGator
and asked them to do exactly as you said and it worked.

Thank you

Remi Vladuceanu
http://www.remivladuceanu.com 

Original comment by remyvlad...@gmail.com on 14 Apr 2009 at 1:53

[GoogleCodeExporter]

I too just got HostGator to whitelist the sec rules, they also adjusted 
permissions
and the best I can tell they changed the cache folder and the theme folder back 
to
755. After they white listed the sec rules the fix didn't work until I 
contacted them
a second time where they reset the permissions.

As far as telling them what you need ... just let them know you have a WordPress
theme that uses TimThumb script and it's returning 404 errors on images, give 
them a
link to one of the 404's and they will be able to go from there. (they may not 
even
need that much information)

Hope it helps others as I spent nearly 12 hours troubleshooting every known
possibility as well as a few re-installs of the theme.

Good luck and thanks for a great script.

Scott Prock - @ScottProck
http://eTweeple.com

Original comment by 100f...@gmail.com on 10 May 2009 at 11:30

[GoogleCodeExporter]

Hostgator will whitelist any modsec rules that you have from their live chat 
now.
There are typically 2, but sometimes 3 rules that need to be whitelisted.
340151 AND 340153 AND 1234234

As far as permissions go, they're running phpsuexec, so folders and script 
pages need
to be 755 at the highest to work properly, html pages need to be 644.

Original comment by taro...@gmail.com on 23 May 2009 at 1:39

[GoogleCodeExporter]

@tarosic I copy pasted what you said and they knew exactly what to do for it 
and did
it within seconds in the live chat, thanks!

Original comment by Chre...@gmail.com on 28 Jun 2009 at 6:45

[GoogleCodeExporter]

[deleted comment]

[GoogleCodeExporter]

This was posted on the WooThemes forum, so maybe it will be of help to somebody 
here:

Probably need to make this one a sticky post.

Here's the deal. Apache is the actual software on your server that spits out 
your
files, and has been designed to accept add-in modules, similar to adding things 
to
Firefox, you add "modules" to Apache to do certain things.

Hostgator has installed a special module in their servers to kill spammers, 
rootkits,
security violator and server rapers.

Yippeee! It's a part of the apache web server called "mod sec" - i.e. "module
security". mod_sec is kinda tricky to configure, and it's best left to rocket
scientists, and Hostgator went out and got some easy config software from these
people to set up mod_sec so that it kills bad things and lets good things pass:

http://www.atomicorp.com
Atomicorp (Gotroot.com) ModSecurity rules
Just In Time Patches for Vulnerable Applications Rules for modsec 2.x
Created by the Prometheus Group (http://www.prometheus-group.com)
Copyright 2005,2006 and 2007 by the Prometheus Group, all rights reserved.
14121 Parke Long Court
Suite 220
Chantilly
Virginia
20151
E-mail: info@prometheus-group.com
Telephone: 703-266-6006
Fax: 703-266-6007

The software uses special filter files called "rule sets" like you would
find with firewalls - very programmer oriented - ya gotta be a programmer to
understand most of it.

Their rule sets work with Apache's mod_sec to do the security on your server.

Like any security mechanism, sometimes the guy with the gun is clamping things 
down
too tight, for good reason, but winds up killing something you need.

QUICK FIX TO GET YOUR THEME WORKING - You need to have sysadmin skills to
do this - so this is for people like the guy who wrote this post who knows what 
to do
if they know where to go - the rest of you will will need to contact Hostgator 
to
have them do the rest of this.

By disabling the ruleset in /opt/mod_security/modesecurity.conf by commenting 
it out,
and restarting apache your images will magically appear.

Below, you'll see 10_asl_rules.conf commented out with a #, essentially not 
including
it in the file load when mod_sec gets loaded.

Include /opt/mod_security/00_asl_whitelist.conf
Include /opt/mod_security/10_asl_antimalware.conf
# Include /opt/mod_security/10_asl_rules.conf
Include /opt/mod_security/20_asl_useragents.conf
Include /opt/mod_security/30_asl_antimalware.conf
Include /opt/mod_security/40_asl_apache2-rules.conf
Include /opt/mod_security/50_asl_rootkits.conf
Include /opt/mod_security/60_asl_recons.conf
Include /opt/mod_security/98_asl_jitp.conf
Include /opt/mod_security/99_asl_jitp.conf
Include /opt/mod_security/whitelist.conf

Restart apache ( at the server's root prompt

#apachectl stop

(you'll see some server daemon shutdown messages)

#apachectl start

Now, that'll kill the ruleset for the moment and get you operational, but 
really you
want that ruleset working for you.

You would want to go in and edit out the rule that kills
thumb.php - good luck and then restart apache again.

Perhaps someone else knows which rule this is ... 

Original comment by magnusje...@gmail.com on 21 Aug 2009 at 11:51

[GoogleCodeExporter]

I also had the same problem, the image resizer function (timthumb.php) of the 
theme I
used with wordpress didn't work. Even I set the cache folder in Hostgator to 
have
permission to read and write already.

After I read the comment of this site
(http://premiumthemes.net/theme-support/tips-n-tutorials/image-not-showing-up-tr
oubleshooting-image-resizer-thumbphp.html)
and do what it say.

I did Live Chat with Hostgator, they took around 30 minutes to resolve the 
problem,
finally it works. See how it works go to http://www.buythischeapnow.com

Original comment by boongzog...@gmail.com on 24 Aug 2009 at 6:31

[GoogleCodeExporter]

HOST GATOR WILL GET IT WORKING REFER THEM TO THIS PAGE AND HAVE THEM LOOK AT 
COMMENT 16

Original comment by Disabled...@gmail.com on 31 Aug 2009 at 5:28

[GoogleCodeExporter]

anyone know how to get it work if i am not with hostgator? but i am running 
centOS 
with cpanel/whm and apache here.

what must i put into the mod_security configuration?

thanks in advance!

Original comment by galen....@gmail.com on 10 Sep 2009 at 7:31

[GoogleCodeExporter]

If you have only one or two websites, or don't work with any clients, chatting 
with
HostGator is all fine and dandy. But, if you have a lot of sites (not just all 
on the
same shared hosting account) or if you work with clients who choose the hosting 
and
how it gets configured, that isn't really a solution that is workable.

Does anyone know what exactly in the mod_sec rules is being violated? It seems 
odd
that a plug-in like this would trigger any of these kind of rules. I'm betting 
it is
one step that is just a tad too clever and if we could tweak it, then this whole
issue could go away for everyone (theme developers, site owners, consultants, 
etc...)

Or, if we are 100% sure that this all works as intended, then we could start 
asking
HostGator to make the modifications necessary by default on all installs of 
WordPress.

Original comment by brianene...@gmail.com on 20 Sep 2009 at 6:01

[GoogleCodeExporter]

since this seems to be an issue with the host rather than the script I will 
mark it
as fixed.

Original comment by BinaryMoon on 31 Dec 2009 at 5:18

• Changed state: Fixed

[GoogleCodeExporter]

Have the same problem with timthumb and hostgator, just chat with their support 
and 
they fix it in less than 5 minutes..great!!!

Original comment by lorenz%l...@gtempaccount.com on 9 Mar 2010 at 7:32

[GoogleCodeExporter]

[deleted comment]

[GoogleCodeExporter]

I am having this same issue, but when I contacted hostgator and referred them 
to the
information here they said they tried all of it, but the problem is persisting! 
They
said :
 I apologize Jessie, the issue appears to be with the script of the theme itself
rather than mod_sec now. The mod_sec issue was fixed, and I even ran it by an 
admin
and they said the same thing. I'd talk to them and have them figure out why 
they're
script doesn't load from the thumb.php file properly.

Can anyone help me? my blog is at morrisfisherblog.com

Original comment by jessie.m...@gmail.com on 15 Mar 2010 at 7:32

[GoogleCodeExporter]

jessie - why don't you post in the WooThemes forum if you are using a WooTheme? 
Your
thumbnails are working though http://is.gd/5V1Ia

Original comment by magnusje...@gmail.com on 15 Mar 2010 at 7:42

[GoogleCodeExporter]

This saved me from bashing my head into my computer out of frustration. Thank 
you!

Original comment by edawebde...@gmail.com on 15 Mar 2010 at 9:26

[GoogleCodeExporter]

I also hit this problem yesterday. Started a new hostgator chat, told them 
simply that 
"An apache mod_sec rule is preventing a script (timthumb.php) from running on 
my site. 
Could you please whitelist my domain so it is allowed to run?" and it was 
resolved in 
minutes.

I should also note that the script is pulling the full image URL (including 
http://) and 
generating everything just fine. You can see it in action here: 
http://seedplanted.org

Original comment by rzenme...@gmail.com on 16 Mar 2010 at 12:44

[GoogleCodeExporter]

[deleted comment]

[GoogleCodeExporter]

Thank you for information, this is is great! I host at hawkhiost and ask them 
to read
this thread as they also clear mod_sec rules for the domain, and it works.
AS you can see at http://taxbanking.com but inage on old posts can't be seen

Original comment by surajama on 29 Apr 2010 at 5:03

[GoogleCodeExporter]

http://www.google.com/url?sa=t&source=web&ct=res&cd=3&ved=0CCEQFjAC&url=http%3A%
2F%2Fwww.elegantthemes.com%2Fhostgator.pdf&ei=gRPqS4GNOIG0lQeXo4TVCg&usg=AFQjCNE
4jyl9gTJRQfZy-z_8nSaKZOkoSg&sig2=TT_gC-iwGQEf_bwUpvla_g

Original comment by tbril...@gmail.com on 12 May 2010 at 2:59

[GoogleCodeExporter]

i got some problem with thumbnail at my site. i have change the chmod 
permission for the file, but it doesn't running well done. any one could 
suggest me some idea ? please feel free to find it at http://www.onlinejolie.com

thanks much 4 your advice.

Original comment by mymu...@gmail.com on 28 Oct 2010 at 4:04

[GoogleCodeExporter]

i purchased the template VIDEOZOOM and I am hosted with hostgator, I contacted 
them about changing the permissions like it said in the thread and they said 
they do not taper to third party scripts. I'm locked in with them for a year so 
is there any other solutions or can i get a refund for the template?

Original comment by JamesTvi...@gmail.com on 25 Feb 2011 at 3:47

[GoogleCodeExporter]

I am on hostgator as well. They said it's all in the script.

Original comment by mar...@shaw.ca on 1 Mar 2011 at 12:23

[GoogleCodeExporter]

Usually its only a mod_security rule that needs to be whitelisted, if you 
havent installed and configured the script correctly then there is nothing your 
host can do to resolve this.
mod_security helps protect websites from injections, poor webhosting is when 
your website gets hacked over and over because the server didnt have 
mod_security installed and somebody found a hole in your beloved contact form 
that you made yourself or copied the code from the net.

Original comment by krasimir...@gmail.com on 6 Apr 2011 at 5:00

[GoogleCodeExporter]

how to fix my site from this error? can somebody explain me easily and simply 
how to do this thing?

Original comment by ldoshlak...@gmail.com on 17 May 2011 at 1:48

[GoogleCodeExporter]

Gatohost alread know this issue, found this for easy fix,

http://support.hostgator.com/articles/specialized-help/technical/timthumb-basics

Just ask for it from their support.

Original comment by ezbi.con...@gmail.com on 22 May 2011 at 4:57