Category Archives: bad-request

Apache web server sending 400 response

We have configured NTLM authentication using SSPI on apache due to which the authentication is three steps, where there are two 401 responses followed by 201/200 response.

Now in IE browser, this breaks because of - Why "Content-Length: 0" in POST requests?

Apache web server sends a 400 bad request response due to empty post request due to which POST on the server breaks.

How can I configure Apache to not treat this as 400 BAD request and process it normally?

CAKE PHP v2 – Access Denied – 400 Bad Request, our browser sent a request that this server could not understand

I was called to give maintenance on a project in cake php. The customer had the project running perfectly on your hosting, and accidentally deleted the entire contents, then I was called to the reimplantation into a new hosting.

I did the standard procedure, I copied all files to an FTP directory, and fix new connection links with the database in database.php files and wordpresscomponent.php (since the project has an integration with a page on wordpress) and also in the wp-config.php own folder that runs the other application in wordpress.

At first I was quite open issues on the site, broken images and forms not working. I realized I was missing permissions on the temp folder (after uploading the files in the new FTP new provider), then gave permission 755 in the temp folder in the core of the internal folder and the "files" folder in \ app \ webroot \ files also realized my Filezilla corrupted files and images to upload, then had to redo the whole upload new files. And the site has returned to work.

But I have a problem in the design of the administrative panel. There is a tab that register objects of type "products" and "newspaper" which are text with images (representing products that are going on the site page).

Whenever I edit an information of that page, I get the error mentioned in this topic. " 400 Bad Request

Your browser sent a request that this server could not understand."

UPDATE: I noticed that the error is related to a table that is loaded in the product object information. If I edit a product, and exclude this table, or create a new product, the error shows different, which seems to be related only to a function that loads images:

Fatal error: Class 'imagick' not found in /home/serramar.coop.br/public_html/app/Plugin/upload/Model/Behavior/UploadBehavior.php on line 829

nutrition atribute from log

#

HOSTING SERVER ERROR LOG:

[Tue Mar 22 03:35:19 2016] [error] [client 189.110.14.241] ModSecurity:      Access denied with code 400 (phase 2). Pattern match "\\\\%(?!$|\\\\W|[0-9a-fA-F]{2}|u[0-9a-fA-F]{4})" at ARGS:data[Product][nutrition]. [id "950107"] [msg "URL Encoding Abuse Attack Attempt"] [severity "WARNING"] [hostname "serramar.coop.br"] [uri "/admin/products/edit/7"] [unique_id "aqC917rtAAIAAENAEKkAAAA2"]

[Tue Mar 22 03:35:19 2016] [error] [client 189.110.14.241] ModSecurity: Audit log: Failed to lock global mutex: Bad file descriptor [hostname "serramar.coop.br"] [uri "/admin/products/edit/7"] [unique_id "aqC917rtAAIAAENAEKkAAAA2"]

[Tue Mar 22 03:35:19 2016] [error] [client 189.110.14.241] ModSecurity: Audit log: Failed to unlock global mutex: Bad file descriptor [hostname "serramar.coop.br"] [uri "/admin/products/edit/7"] [unique_id "aqC917rtAAIAAENAEKkAAAA2"]
#

/public_html htaccess:

<IfModule mod_rewrite.c>
 RewriteEngine on
 RewriteRule    ^$ app/webroot/    [L]
 RewriteRule    (.*) app/webroot/$1 [L]
</IfModule>
#

/public_html/app htaccess:

<IfModule mod_rewrite.c>
 RewriteEngine on
 #RewriteBase /webroot/
 RewriteRule    ^$    webroot/    [L]
 RewriteRule    (.*) webroot/$1    [L]
</IfModule>
#

/public_html/app/webroot htaccess:

<IfModule mod_rewrite.c>
 RewriteEngine on
 #RewriteBase /app/webroot/
 RewriteCond %{REQUEST_FILENAME} !-d
 RewriteCond %{REQUEST_FILENAME} !-f
 RewriteRule ^(.*)$ index.php [QSA,L]
</IfModule>
#

Product Controller.php in public_html/app/Controller/ProductsController.php

<?php
App::uses('AppController', 'Controller');
/**
 * Products Controller
 *
 * @property Product $Product
 */
class ProductsController extends AppController {

    public function beforeFilter() {
        $directory = $this->webroot . 'files' . DS . 'product' . DS . 'picture' . DS;
        $this->set('directory', $directory);
        $this->set('tabelanutricional', $this->Product->getTabelaNutricional());
        return parent::beforeFilter();
    }

/**
 *  Layout
 *
 * @var string
 */
    public $layout = 'bootstrap';

/**
 * 
 *
 * @var array
 */
    public $helpers = array('TwitterBootstrap.BootstrapHtml', 'TwitterBootstrap.BootstrapForm', 'TwitterBootstrap.BootstrapPaginator');
/**
 * Components
 *
 * @var array
 */
    public $components = array('Session');

    public function index($line = null){
        $this->layout = 'default';
        $this->Product->recursive = 0;
        $this->redirect('/#produtos');
    }

    public function serramar(){
        $this->layout = 'default';
        $this->Product->recursive = 0;
        $products = $this->Product->find('all', array('conditions'=>array('Product.line'=>'serramar')));
        $this->set('products', $products);
        $this->set('page', 'produtos');
        $this->set('subtitle', 'Conheça a linha de produtos feitos com o mais delicioso leite das fazendas, um privilégio que você pode ter todos os dias em sua casa');
    }

    public function maringa(){
        $this->layout = 'default';
        $this->Product->recursive = 0;
        $products = $this->Product->find('all', array('conditions'=>array('Product.line'=>'maringa')));
        $this->set('products', $products);
        $this->set('page', 'produtos');
        $this->set('subtitle', 'A tradição que põe um sabor especial na sua mesa.');
    }

    public function milkmix(){
        $this->layout = 'default';
        $this->Product->recursive = 0;
        $products = $this->Product->find('all', array('conditions'=>array('Product.line'=>'milkmix')));
        $this->set('products', $products);
        $this->set('page', 'produtos');
        $this->set('subtitle', 'A saborosa bebida láctea da Serramar em novos e deliciosos sabores: ameixa e laranja. Saiba mais!');
    }

    public function serramar_all($id = null){
        $this->layout = 'ajax';
        $products = $this->Product->find('all', array('conditions'=>array('Product.line'=>'serramar')));
        $this->set('products', $products);
        $this->set('id', $id);
    }
    public function milkmix_all($id = null){
        $this->layout = 'ajax';
        $products = $this->Product->find('all', array('conditions'=>array('Product.line'=>'milkmix')));
        $this->set('products', $products);
        $this->set('id', $id);

    }
    public function maringa_all($id = null){
        $this->layout = 'ajax';
        $products = $this->Product->find('all', array('conditions'=>array('Product.line'=>'maringa')));
        $this->set('products', $products);
        $this->set('id', $id);

    }

/**
 * index method
 *
 * @return void
 */
    public function admin_index() {
        $this->Product->recursive = 0;
        $this->set('products', $this->paginate());
    }

/**
 * view method
 *
 * @param string $id
 * @return void
 */
    public function admin_view($id = null) {
        $this->Product->id = $id;
        if (!$this->Product->exists()) {
            throw new NotFoundException(__('Invalid %s', __('product')));
        }
        $this->set('product', $this->Product->read(null, $id));
    }

/**
 * add method
 *
 * @return void
 */
    public function admin_add() {
        if ($this->request->is('post')) {
            $this->Product->create();
            if ($this->Product->save($this->request->data)) {
                $this->Session->setFlash(
                    __('The %s has been saved', __('product')),
                    'alert',
                    array(
                        'plugin' => 'TwitterBootstrap',
                        'class' => 'alert-success'
                    )
                );
                $this->redirect(array('action' => 'index'));
            } else {
                $this->Session->setFlash(
                    __('The %s could not be saved. Please, try again.', __('product')),
                    'alert',
                    array(
                        'plugin' => 'TwitterBootstrap',
                        'class' => 'alert-error'
                    )
                );
            }
        }               
    }

/**
 * edit method
 *
 * @param string $id
 * @return void
 */
    public function admin_edit($id = null) {
        $this->Product->id = $id;
        if (!$this->Product->exists()) {
            throw new NotFoundException(__('Invalid %s', __('product')));
        }
        if ($this->request->is('post') || $this->request->is('put')) {
            if ($this->Product->save($this->request->data)) {
                $this->Session->setFlash(
                    __('The %s has been saved', __('product')),
                    'alert',
                    array(
                        'plugin' => 'TwitterBootstrap',
                        'class' => 'alert-success'
                    )
                );
                $this->redirect(array('action' => 'index'));
            } else {
                $this->Session->setFlash(
                    __('The %s could not be saved. Please, try again.', __('product')),
                    'alert',
                    array(
                        'plugin' => 'TwitterBootstrap',
                        'class' => 'alert-error'
                    )
                );
            }
        } else {
            $this->request->data = $this->Product->read(null, $id);
        }

    }

/**
 * delete method
 *
 * @param string $id
 * @return void
 */
    public function admin_delete($id = null) {
        if (!$this->request->is('post')) {
            throw new MethodNotAllowedException();
        }
        $this->Product->id = $id;
        if (!$this->Product->exists()) {
            throw new NotFoundException(__('Invalid %s', __('product')));
        }
        if ($this->Product->delete()) {
            $this->Session->setFlash(
                __('The %s deleted', __('product')),
                'alert',
                array(
                    'plugin' => 'TwitterBootstrap',
                    'class' => 'alert-success'
                )
            );
            $this->redirect(array('action' => 'index'));
        }
        $this->Session->setFlash(
            __('The %s was not deleted', __('product')),
            'alert',
            array(
                'plugin' => 'TwitterBootstrap',
                'class' => 'alert-error'
            )
        );
        $this->redirect(array('action' => 'index'));
    }
}

Apache httpd bad request when accessing by ip address – Review Board

I have setup Review Board and it works fine when accessed from localhost. When I try to access it by ip (from LAN), I get BAD REQUEST.

I have copied apache-wsgi.conf to my apache conf directory.

apache-wsgi.conf

<VirtualHost *:8088>
    ServerName localhost
    DocumentRoot "/var/www/reviews.als.kz/htdocs"

    # Error handlers
    ErrorDocument 500 /errordocs/500.html

    WSGIPassAuthorization On
    WSGIScriptAlias "/reviews" "/var/www/reviews.als.kz/htdocs/reviewboard.wsgi/reviews"

    <Directory "/var/www/reviews.als.kz/htdocs">
            AllowOverride All
            Options -Indexes +FollowSymLinks
            Require all granted
    </Directory>

    # Prevent the server from processing or allowing the rendering of
    # certain file types.
    <Location "/reviews/media/uploaded">
            SetHandler None
            Options None

            AddType text/plain .html .htm .shtml .php .php3 .php4 .php5 .phps .asp
            AddType text/plain .pl .py .fcgi .cgi .phtml .phtm .pht .jsp .sh .rb

            <IfModule mod_php5.c>
                    php_flag engine off
            </IfModule>
    </Location>

    # Alias static media requests to filesystem
    Alias /reviews/media "/var/www/reviews.als.kz/htdocs/media"
    Alias /reviews/static "/var/www/reviews.als.kz/htdocs/static"
    Alias /reviews/errordocs "/var/www/reviews.als.kz/htdocs/errordocs"
    Alias /reviews/favicon.ico "/var/www/reviews.als.kz/htdocs/static/rb/images/favicon.png"

I have installed reviewboard into /var/www/reviews.als.kz directory. Chown-ed it to apache:apache.

I run it on Fedora 21. Review Board version 2.0.12 Apache httpd version 2.4.10

Thanks