-
Ron, glad that’s fixed.
I then tried to recreate the problem by attempting to edit other NOTES which I found on the database with similar odd characters – but failed to generate the same error message.
That probably means that the issue is in the actual words used rather than any “odd” characters.
Mod_security is a valuable tool for server management, in the fight against hackers, but like any such tool it relies on recognising patters, of characters, words, phrases, actions etc.. So it is not that hard to run foul of one of it’s rules once in a while. But I’ve always found it slightly surprising that it doesn’t report, at least to the web host, the precise text etc that it rejected. That way you might avoid switching off the whole rule, but instead just tweak it slightly. It’s a bit like a very sophisticated spell-checker – mostly helpful, but really annoying some times 🙂
…nothing to do with kiwitrees
Kind-of true. It is to do with kiwitrees in as much as we do need to have extensive interactions with SQ; much more than an average web site; and often through the use of form data that transmits from php to sql via headers, cookies, urls etc. The code does have extensive protection against hacking attempts via code-injection the (use of those transfer techniques to inject malware code into the system) but we do have to be constantly vigilant. The nature of kiwitrees does make the problem a “necessary evil” we can only guard against, not ever eliminate.
Nigel
My personal kiwitrees site is www.our-families.info
Author
