Jump to content
flamey

Is Tch Blocking Imageshack.us?

Recommended Posts

I have phpBB forum, and whenever soneone's trying to include image hosted on imageshack.us in the their post they get an "406 Not Acceptable" error. This does not happen with other image hosts. People are wondering, and so am I. On phpBB support forum I've read that this is a "server-side problem - your host has decided to block POST packets containing whatever is special about the imageshack links".

 

Is this true?

If it is, what other image hosts are being blocked (so I can let users know which sites not to use)? And what's the reason for this blocking, if not a secret?

 

Thanks!

Share this post


Link to post
Share on other sites

yeah, same story on TCH Forums, but not on others I visit... so, why is TCH blocking it, its only images... :-/

Edited by flamey

Share this post


Link to post
Share on other sites

done + fixed. thank you!

 

*me still wonders why is foto hosting site is being blocked :-/ *

Share this post


Link to post
Share on other sites

The site in question was not blocked by TCH. The suspectable lengthy URLs will be caught by mod_security filter on the server when executing. As you have disabled mod_security for your account through help desk ticket, the issue has resolved itself.

Share this post


Link to post
Share on other sites
The site in question was not blocked by TCH. The suspectable lengthy URLs will be caught by mod_security filter on the server when executing. As you have disabled mod_security for your account through help desk ticket, the issue has resolved itself.

 

on this very forum, try to reply to this post with only single line:

http://www.image2shack.us/

only remove "2" in the middle, don't even need to use IMG tag. and you'll get the same error.

 

add the "2" in the middle - no problem.

 

i do appreciate you help in resolving it on my account, thank you. i'm just wondering that's up with this...

Edited by flamey

Share this post


Link to post
Share on other sites

Maybe because it's not a valid web site?

 

Sorry, we couldn't find www.image2shack.us

 

Checking server [whois.nic.us]

 

Results:

Not found: www.image2shack.us

Share this post


Link to post
Share on other sites

i didn't say go visit it :helpsmilie:

 

it just proves my confusion: you CAN include any web address in your post, weather domain exists or not — see its up there and its clickable... but not imageshack.us (note, that if forum engine doesn't attempt to render it as a URI, like here when did not include www prefix, its ok, its just text). but as soon as you include it -- you'll get error 406 Not Acceptable!

Share this post


Link to post
Share on other sites

Like alex said. Something about imageshack url is causing our mod_security rules to trip.

 

I will have Ryan take a peak at this and he will respond directly to this thread.

 

Bill

Share this post


Link to post
Share on other sites

Same problem here. Any photo from Imageshack gets a 406 unacceptable error. I have the same IPB software as this forum. From what I've been told the mod_security rules may be overly strict or something? Is there a fix in the works other than disabling it in the .htaccess file (which may not be very secure)?

Edited by gtman55

Share this post


Link to post
Share on other sites

Please add these lines on .htaccess

<IfModule mod_security.c>

SecFilterEngine Off

SecFilterScanPOST Off

</IfModule>

Share this post


Link to post
Share on other sites

Alex if you read my post above I know that. My question is does doing that make a php based forum more vulnerable to security issues?

Share this post


Link to post
Share on other sites

mod_security is an Apache module (for Apache 1 and 2) that provides intrusion detection and prevention for web applications. It aims at shielding web applications from known and unknown attacks, such as SQL injection attacks, cross-site scripting, path traversal attacks, etc.

 

Obviously, disabling mod_security will turn off this security measures.

 

But, you can turn off mod_security for a specific file in your account. For example if the file image-upload.php is calling the external image url, you can turn off mod_security for the upload script only like

 

 

<IfModule mod_security.c>

<Files image-upload.php >

SecFilterEngine Off

SecFilterScanPOST Off

</Files>

</IfModule>

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


×
×
  • Create New...