.htaccess - CAKE PHP v2 - Access Denied - 400 Bad Request, our browser sent a request that this server could not understand -
i called give maintenance on project in cake php. customer had project running on hosting, , accidentally deleted entire contents, called redo deploy new hosting.
i did standard procedure, copied files ftp directory, , fix new connection links database in database.php files , wordpresscomponent.php (since project has integration page on wordpress) , in wp-config.php own folder runs other application in wordpress.
at first quite open issues on site, broken images , forms not working. realized missing permissions on temp folder (after uploading files in new ftp new provider), gave permission 755 in temp folder in core of internal folder , "files" folder in \ app \ webroot \ files realized filezilla corrupted files , images upload, had redo whole upload new files. , site has returned work.
but have problem in design of administrative panel. there tab register objects of type "products" , "newspaper" text images (representing products going on site page).
whenever edit information of page, error mentioned in topic. " 400 bad request
your browser sent request server not understand."
update: noticed error related table loaded in product object information. if edit product, , exclude table, or create new product, error shows different, seems related function loads images:
fatal error: class 'imagick' not found in /home/serramar.coop.br/public_html/app/plugin/upload/model/behavior/uploadbehavior.php on line 829
#
hosting server error log:
[tue mar 22 03:35:19 2016] [error] [client 189.110.14.241] modsecurity: access denied code 400 (phase 2). pattern match "\\\\%(?!$|\\\\w|[0-9a-fa-f]{2}|u[0-9a-fa-f]{4})" @ args:data[product][nutrition]. [id "950107"] [msg "url encoding abuse attack attempt"] [severity "warning"] [hostname "serramar.coop.br"] [uri "/admin/products/edit/7"] [unique_id "aqc917rtaaiaaenaekkaaaa2"] [tue mar 22 03:35:19 2016] [error] [client 189.110.14.241] modsecurity: audit log: failed lock global mutex: bad file descriptor [hostname "serramar.coop.br"] [uri "/admin/products/edit/7"] [unique_id "aqc917rtaaiaaenaekkaaaa2"] [tue mar 22 03:35:19 2016] [error] [client 189.110.14.241] modsecurity: audit log: failed unlock global mutex: bad file descriptor [hostname "serramar.coop.br"] [uri "/admin/products/edit/7"] [unique_id "aqc917rtaaiaaenaekkaaaa2"] /public_html htaccess:
<ifmodule mod_rewrite.c> rewriteengine on rewriterule ^$ app/webroot/ [l] rewriterule (.*) app/webroot/$1 [l] </ifmodule> /public_html/app htaccess:
<ifmodule mod_rewrite.c> rewriteengine on #rewritebase /webroot/ rewriterule ^$ webroot/ [l] rewriterule (.*) webroot/$1 [l] </ifmodule> /public_html/app/webroot htaccess:
<ifmodule mod_rewrite.c> rewriteengine on #rewritebase /app/webroot/ rewritecond %{request_filename} !-d rewritecond %{request_filename} !-f rewriterule ^(.*)$ index.php [qsa,l] </ifmodule> product controller.php in public_html/app/controller/productscontroller.php
<?php app::uses('appcontroller', 'controller'); /** * products controller * * @property product $product */ class productscontroller extends appcontroller { public function beforefilter() { $directory = $this->webroot . 'files' . ds . 'product' . ds . 'picture' . ds; $this->set('directory', $directory); $this->set('tabelanutricional', $this->product->gettabelanutricional()); return parent::beforefilter(); } /** * layout * * @var string */ public $layout = 'bootstrap'; /** * * * @var array */ public $helpers = array('twitterbootstrap.bootstraphtml', 'twitterbootstrap.bootstrapform', 'twitterbootstrap.bootstrappaginator'); /** * components * * @var array */ public $components = array('session'); public function index($line = null){ $this->layout = 'default'; $this->product->recursive = 0; $this->redirect('/#produtos'); } public function serramar(){ $this->layout = 'default'; $this->product->recursive = 0; $products = $this->product->find('all', array('conditions'=>array('product.line'=>'serramar'))); $this->set('products', $products); $this->set('page', 'produtos'); $this->set('subtitle', 'conheça linha de produtos feitos com o mais delicioso leite das fazendas, um privilégio que você pode ter todos os dias em sua casa'); } public function maringa(){ $this->layout = 'default'; $this->product->recursive = 0; $products = $this->product->find('all', array('conditions'=>array('product.line'=>'maringa'))); $this->set('products', $products); $this->set('page', 'produtos'); $this->set('subtitle', 'a tradição que põe um sabor especial na sua mesa.'); } public function milkmix(){ $this->layout = 'default'; $this->product->recursive = 0; $products = $this->product->find('all', array('conditions'=>array('product.line'=>'milkmix'))); $this->set('products', $products); $this->set('page', 'produtos'); $this->set('subtitle', 'a saborosa bebida láctea da serramar em novos e deliciosos sabores: ameixa e laranja. saiba mais!'); } public function serramar_all($id = null){ $this->layout = 'ajax'; $products = $this->product->find('all', array('conditions'=>array('product.line'=>'serramar'))); $this->set('products', $products); $this->set('id', $id); } public function milkmix_all($id = null){ $this->layout = 'ajax'; $products = $this->product->find('all', array('conditions'=>array('product.line'=>'milkmix'))); $this->set('products', $products); $this->set('id', $id); } public function maringa_all($id = null){ $this->layout = 'ajax'; $products = $this->product->find('all', array('conditions'=>array('product.line'=>'maringa'))); $this->set('products', $products); $this->set('id', $id); } /** * index method * * @return void */ public function admin_index() { $this->product->recursive = 0; $this->set('products', $this->paginate()); } /** * view method * * @param string $id * @return void */ public function admin_view($id = null) { $this->product->id = $id; if (!$this->product->exists()) { throw new notfoundexception(__('invalid %s', __('product'))); } $this->set('product', $this->product->read(null, $id)); } /** * add method * * @return void */ public function admin_add() { if ($this->request->is('post')) { $this->product->create(); if ($this->product->save($this->request->data)) { $this->session->setflash( __('the %s has been saved', __('product')), 'alert', array( 'plugin' => 'twitterbootstrap', 'class' => 'alert-success' ) ); $this->redirect(array('action' => 'index')); } else { $this->session->setflash( __('the %s not saved. please, try again.', __('product')), 'alert', array( 'plugin' => 'twitterbootstrap', 'class' => 'alert-error' ) ); } } } /** * edit method * * @param string $id * @return void */ public function admin_edit($id = null) { $this->product->id = $id; if (!$this->product->exists()) { throw new notfoundexception(__('invalid %s', __('product'))); } if ($this->request->is('post') || $this->request->is('put')) { if ($this->product->save($this->request->data)) { $this->session->setflash( __('the %s has been saved', __('product')), 'alert', array( 'plugin' => 'twitterbootstrap', 'class' => 'alert-success' ) ); $this->redirect(array('action' => 'index')); } else { $this->session->setflash( __('the %s not saved. please, try again.', __('product')), 'alert', array( 'plugin' => 'twitterbootstrap', 'class' => 'alert-error' ) ); } } else { $this->request->data = $this->product->read(null, $id); } } /** * delete method * * @param string $id * @return void */ public function admin_delete($id = null) { if (!$this->request->is('post')) { throw new methodnotallowedexception(); } $this->product->id = $id; if (!$this->product->exists()) { throw new notfoundexception(__('invalid %s', __('product'))); } if ($this->product->delete()) { $this->session->setflash( __('the %s deleted', __('product')), 'alert', array( 'plugin' => 'twitterbootstrap', 'class' => 'alert-success' ) ); $this->redirect(array('action' => 'index')); } $this->session->setflash( __('the %s not deleted', __('product')), 'alert', array( 'plugin' => 'twitterbootstrap', 'class' => 'alert-error' ) ); $this->redirect(array('action' => 'index')); } }
the problem solved!!!
after repairing logs again:
[tue mar 22 22:30:26 2016] [error] [client 200.100.30.37] modsecurity: access denied code 400 (phase 2). pattern match "\\\\% ($ | \\\\ w | [0-9a-fa-f] {2} | u [0-9a-fa-f] {4}!)" @ args: date [product] [nutrition]. [id "950107"] [msg "url encoding abuse attack attempt"] [severity "warning"] [hostname "serramar.coop.br"] [uri "/ admin / products / edit / 7"] [unique_id "rjzfclrtaaiaamynqueaaabm" ] [tue mar 22 22:30:46 2016] [error] [client 200.100.30.37] modsecurity: access denied code 400 (phase 2). pattern match "\\\\% ($ | \\\\ w | [0-9a-fa-f] {2} | u [0-9a-fa-f] {4}!)" @ args: date [product] [nutrition]. [id "950107"] [msg "url encoding abuse attack attempt"] [severity "warning"] [hostname "serramar.coop.br"] [uri "/ admin / products / edit / 7"] [unique_id "r3hz1rrtaaiaakh1tkeaaabr" ] i saw denying access of product nutrition table, code:
[product] [nutrition] http://i.stack.imgur.com/yg7q3.png
i deleted table, , tried register again product , gave error:
[tue mar 22 22:31:46 2016] [error] [client 200.100.30.37] php fatal error: class 'imagick' not found in /home/serramar.coop.br/public_html/app/plugin/upload/model/ behavior / uploadbehavior.php on line 829, referer: http://serramar.coop.br/admin/products/edit/7 then realized 'imagick' class standard class in every host supports php, , suspected client's hosting not support php.
i upload whole project again in php hosting have (hostgator), , worked without error.
cause: hosting without support php. solution: hosting replacement 1 php support.
Thanks for give us valuable information
ReplyDeleteContact WordPress Support
WordPress Support Service
Very Helpful. Thanks for such Information
ReplyDeleteWP Help
24x7 WP Support