I would highly appreciate if someone can suggest should we completely remove mod security for version 4.02 to get installed or certain mod security rules can be removed for cs-cart version 4.02 to work.
We raised the issue to cs-cart help and they replied.
Unfortunately, we do not specialize on the server configuration.
Best regards,
Sergey Gorbunov.
I would appreciate if someone can help us.
YPG
From the other mod_security thread:
The rules to ignore are:
950904
950906
959007
950107
There are a few ways to do it depending on how your host is setup. They should be able to disable the requested rules for just your domain on request. If they can't google “disable mod_security rules by ID” to see if one of those options work for you. If they do not then you may want to consider changing hosting companies. Any of the hosts listed in the Marketplace → Third party Solutions ->Compatible Hosting will work with CS-Cart without issue. I personally like RangeHosting.
Sent from my ASUS Transformer Pad TF700T using Tapatalk 4
Thanks for your reply. We would try this and get back.
YPG
I'm having the same issues! Where do we modify these rules that are listed? This area is new to me. Thanks!
There appears to be a bug in the installer script around the code in install/app/Installer/Validator.php after line 430
=======
public function isModeSecurityDisabled()
{
$checking_result = true;
ob_start();
phpinfo(INFO_MODULES);
$_info = ob_get_contents();
ob_end_clean();
if (strpos($_info, 'mod_security') !== false) {
App::instance()->setNotification('E', App::instance()->t('error'), App::instance()->t('text_mod_security'), true, 'validator');
$checking_result = false;
}
return $checking_result;
}
========
What this function is doing is checking if the mod_security is enabled or disabled for the entire server rather than checking it for the cs-cart script only.
[size=3]
[size=4]As a result even if mod_security is disabled for a domain the cs-cart is not able to detect it. [/size][/size]
[size=3]
[size=4]YPG[/size][/size]
Strange, I have mod_security installed on my server and have no problem installing 4.02. I'm not sure what to tell you, sorry I can't be of more help.
Sent from my EVO using Tapatalk 4
[quote name='tletourneau' timestamp='1381560951' post='169603']
Strange, I have mod_security installed on my server and have no problem installing 4.02. I'm not sure what to tell you, sorry I can't be of more help.
Sent from my EVO using Tapatalk 4
[/quote]
I CAN SAY THAT YOU ARE LUCKY!
YPG
Hey guys, I finally had the CS-Cart pros help me and this was the solution that helped me:
I replaced this part of the code:
if (strpos($_info, 'mod_security') !== false) {
App::instance()->setNotification('E', App::instance()->t('error'), App::instance()->t('text_mod_security'), true, 'validator');
$checking_result = false;
}
with this one:
/* if (strpos($_info, 'mod_security') !== false) {
App::instance()->setNotification('E', App::instance()->t('error'), App::instance()->t('text_mod_security'), true, 'validator');
$checking_result = false;
}*/
in the install/app/Installer/Validator.php file of your CS-Cart installation.
[quote name='joshin' timestamp='1381783399' post='169737']
Hey guys, I finally had the CS-Cart pros help me and this was the solution that helped me:
I replaced this part of the code:
if (strpos($_info, 'mod_security') !== false) {
App::instance()->setNotification('E', App::instance()->t('error'), App::instance()->t('text_mod_security'), true, 'validator');
$checking_result = false;
}
with this one:
/* if (strpos($_info, 'mod_security') !== false) {
App::instance()->setNotification('E', App::instance()->t('error'), App::instance()->t('text_mod_security'), true, 'validator');
$checking_result = false;
}*/
in the install/app/Installer/Validator.php file of your CS-Cart installation.
[/quote]
This is no solution but a way to skip the install/app/Installer/Validator.php script.
If you have to skip the script then what is the use of having it at all.
YPG