I did search the archives but didn't find anything helpful. Of course, I may have gone about that badly, in any case...
I get an error page with the following:
Method Not Implemented POST to /wiki/index.php not supported.
when I try to save or preview the following text during an edit:
== Modify an existing user name == * ssh to xxxxx.marmot.org (999.999.999.999) * su - * vi /etc/passwd (chg username and home dir) * vi /etc/shadow (chg username) * cd /var/spool/mail * mv <OLDNAME> <NEWNAME> * cd /home * mv <OLDNAME> <NEWNAME> * vi /etc/groups (chg group name, if applicable) * exit (or ^D) * notify appropriate person via phone or prior email.
The problem appears to be related to the forward slash, but the pattern of what fails and what works isn't consistent. Sometimes a single slash causes the problem and sometimes not, but then a second slash causes the problem again... When I remove this text all is good again.
I'm confused and dismayed... Can anyone straighten me out on this?
Thanks. -- Steve Lindemann __ Network Administrator //\ ASCII Ribbon Campaign Marmot Library Network, Inc. \// against HTML/RTF email, url: http://www.marmot.org //\ vCards & M$ attachments email: mailto:steve@marmot.org voice: +1.970.242.3331 ext 16 fax: +1.970.245.7854
Steve Lindemann wrote:
I did search the archives but didn't find anything helpful. Of course, I may have gone about that badly, in any case...
I get an error page with the following:
Method Not Implemented POST to /wiki/index.php not supported.
== Modify an existing user name == * ssh to xxxxx.marmot.org (999.999.999.999) * su - * vi /etc/passwd (chg username and home dir) * vi /etc/shadow (chg username) * cd /var/spool/mail
I'm confused and dismayed... Can anyone straighten me out on this?
Seems a problem with mod_secure. This apache module is too paranoic, and blocking page submisions merely mentioning /etc/passwd or /etc/shadow is like the kind of things it does. Just uninstall it.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Steve Lindemann wrote:
I did search the archives but didn't find anything helpful. Of course, I may have gone about that badly, in any case...
I get an error page with the following:
Method Not Implemented POST to /wiki/index.php not supported.when I try to save or preview the following text during an edit:
== Modify an existing user name == * ssh to xxxxx.marmot.org (999.999.999.999) * su -
[snip]
Number one suspect if it's related to this sort of content would be an "application security" layer such as mod_security in your web browser that's misconfigured to assume everything that looks like a shell command is a hacking attempt.
- -- brion vibber (brion @ wikimedia.org)
Steve Lindemann wrote:
I did search the archives but didn't find anything helpful. Of course, I may have gone about that badly, in any case...
I get an error page with the following:
Method Not Implemented POST to /wiki/index.php not supported.when I try to save or preview the following text during an edit:
snip<<<
Just want to say thanks... moving /etc/httpd/conf.d/mod_security.conf some place else and restarting httpd did the trick. I would have been a while finding that on my own, assuming I would have found it on my own!
Forgot to mention we have the latest ver of Mediawiki and are running it on Fedora 7 with whatever version of Apache is current on that... I really have to work on my list etiquette... 8^) -- Steve Lindemann __ Network Administrator //\ ASCII Ribbon Campaign Marmot Library Network, Inc. \// against HTML/RTF email, url: http://www.marmot.org //\ vCards & M$ attachments email: mailto:steve@marmot.org voice: +1.970.242.3331 ext 16 fax: +1.970.245.7854
mediawiki-l@lists.wikimedia.org