Further Apache Server / Wordpress Hacking: Comments not Working
by Matt on Jan.12, 2009, under Uncategorized
As an addendum to a previous post by yours truly, I have found, identified and solved another issue that I’m sure will plague others with Wordpress on a paranoid server.
In this particular case, my Wordpress site was working properly, except I couldn’t add categories to the list. At first I thought it might be something to do with the Linux x64 version of Firefox, and some weird Javascript / DHTML incompatibility, but the issue persisted in Windows as well.
Again, poking my head into the server’s error log yielded ANOTHER error with the mod_security rule:
[Mon Jan 12 15:02:15 2009] [error] [client <my ip> mod_security: Access denied with code 406. Pattern match "!(^$|^application/x-www-form-urlencoded$|^multipart/form-data|text/xml)" at HEADER("Content-Type") [severity "EMERGENCY"] [uri "/wp-admin/admin-ajax.php"]
So, clearly, the problem is (yet again) that Wordpress is requesting some kind of a transaction that my server doesn’t like. Simple solution right? Just add the desired transaction type to the list of acceptable requests in the security rule. Not so fast: I have no idea what the Content-Type is set to in the HTTP header, and Google isn’t telling me like it did last time.
So now the immidiate solution is to figure out some way to get the server to tell me what the Content-Type in the header is reading as for this request. This time, Google yielded useful results: modifying the httpd.conf file (or in my case, a secondary file stored elsewhere and used as an include for Apache’s default configs, because I use an external manager to set up domains) to change the info stored in the logs did the trick. This page from the Apache online docs pointed me straight. The solution was to add \”%{Content-type}i\” to the logging rules.
ScribeFire and Wordpress / Drupal: HTTP Error 406
by Matt on Jan.01, 2009, under Technical
How oddly appropriate for a first post: fixing an issue that seems quite prevalent among the blogging community.
I’ve experimented with several CMS packages for my websites. My personal site Explodicide.com was, after much testing, eventually assembled using Drupal, using a custom theme based off of the site’s original design. In my neverending quest to streamline my everyday activities I installed ScribeFire, ’cause it sounded handy. For those not in the know, ScribeFire is a Firefox Add-On that gives you a set of tools to add posts and other content to blogs. It’s a small thing, but it’s one less tab that I have to have open in Firefox. (continue reading…)
