search

justintadlock / exhale-manuscript

GNU General Public License v2.0
2 stars 0 forks source link

Problem activating theme on Siteground #1

Open erikjoling opened 5 years ago

erikjoling commented 5 years ago

You might have a naming issue. While trying to activate the Manuscript on my website I got an access denied server-message.

/wp-admin/themes.php?action=activate&stylesheet=exhale-manuscript&_wpnonce=XXX

Turns out my host, Siteground, has a security rule which checks the url with ModSecurity against this pattern: Pattern match "(<.*>.*<.*/.*>|onmouseover|onload|onerror|onclick|javascript|onfocus|iframe|script)"

Manuscript...

justintadlock commented 5 years ago

CC: @SiteGround

I'm not a regex pro, but I'd think this can be updated to make sure script doesn't match words like Manuscript.

Some other words I could think of:

erikjoling commented 5 years ago

Answer from Siteground helpdesk on me asking if the problem of the theme activation would happen on other Shared servers from them as well:

I can confirm that on all Shared Servers there is ModSecurity and you could confirm that via the tutorial below:

https://www.siteground.com/kb/how_does_siteground_protect_my_website/

I whitelisted that specific rule, the ModSecurity is active and it is working for the website.