Error 500 on Joomla! 2.5.4 Content Creation

April 5, 2012
By Jasper Frumau
Joomla!

Was working on setting up a Joomla! 2.5.4 website in 10 languages starting with English and Dutch. While I was trying to add some dummy articles just to get the general structure done I ran into an error 500 on saving an article. I checked the logs and I found:

[Thu Apr 05 15:21:40 2012] [error] [client xxx.xxx.xx.xx]
 mod_security: Access denied with code 500.
 Pattern match"((select|grant|delete|insert|drop|alter|replace|truncate|update|create|rename|describe)
 [[:space:]]+[A-Z|a-z|0-9|\\\\*| |\\\\,]+[[:space:]]+(from|into|table|database|index|view)
 [[:space:]]+[A-Z|a-z|0-9|\\\\*| |\\\\,]|UNION SELECT.*\\\\'.*\\\\'.*,[0-9].*INTO.*FROM)"
 at POST_PAYLOAD [hostname "domain.com"] [uri "/administrator/index.php?option=com_content&layout=edit&id=0"]

Don’t remember running into this with Joomla! at least not for a long time. Either because of the new version or because of some new server security. ~~Anyways, we’ll work it out…~~

I had to add some more details to .htaccess. I might not need the PHP values, but I did have to shut down the SecFilterEngine and SecFilterScanPost:

php_value memory_limit 60M
 php_value max_execution_time 200
 php_value max_input_time 200
 php_value upload_max_filesize 20M

SecFilterEngine Off
 SecFilterScanPOST Off

Tagged in : error 500

Jasper Frumau

Jasper has been working with web frameworks and applications such as Laravel, Magento and his favorite CMS WordPress including Roots Trellis and Sage for more than a decade. He helps customers with web design and online marketing. Services provided are web design, ecommerce, SEO, content marketing. When Jasper is not coding, marketing a website, reading about the web or dreaming the internet of things he plays with his son, travels or run a few blocks.