Method not implemented, POST not supported

[markjw]

Hi, I have phoca download working great on a site. On a second site (Fedora server, apache 2.2.0) I get this error:

Method Not Implemented
POST to /joomla/administrator/index.php not supported.

I have the component and plugin installed and I am trying to enter the following into an article when this error is returned:

{phocadownload view=file|id=1|target=b}

Any thoughts appreciated.

mark

[Jan]

Hi, no idea, I have found the string "method not implemented" in these Joomla! core files:

administrator\components\com_installer\models\extension.php
administrator\language\en-GB\en-GB.plg_xmlrpc_blogger.ini
plugins\xmlrpc\blogger.php

try to look there, maybe you will find something

Maybe it is some server issue ???
Jan

[markjw]

Hi, thanks for your quick reply. I think you are right, it must be something on server, will hunt it down and post an update here if/when find it. Mark

[Jan]

Ok

[willson]

I had the same symptom.

Solution:
{phocamaps id=1|view=map} does work
{phocamaps view=map|id=1} does not work

not the order of the arguments is switched around.

Cause is a pattern mactch for mod_security with the error log showing:

Code: Select all

[Sat Jun 13 10:31:39 2009] [error] [client xx.xxx.103.176] 
ModSecurity: Access denied with code 501 (phase 2). Pattern match
"(?:\\b(?:(?:n(?:et(?:\\b\\W+?\\blocalgroup|\\.exe)|(?:map|c)\\.exe)|t(?:racer(?:oute|t)|elnet\\.exe|clsh8?|ftp)|(?:w(?:guest|sh)|rcmd|ftp)\\.exe|echo\\b\\W*?\\by+)\\b|c(?:md(?:(?:32)?\\.exe\\b|\\b\\W*?\\/c)|d(?:\\b\\W*?[\\\\/]|\\W*?\\.\\.)|hmod.{0,40}?\\+.{0,3}x))|[\\;\\|\\`]\\W*? ..."
at ARGS:text. 
[file "/etc/httpd/conf/modsecurity/modsecurity_crs_40_generic_attacks.conf"] [line "133"] 
[id "950006"] [msg "System Command Injection"] 
[data "|id"]
[severity "CRITICAL"] [tag "WEB_ATTACK/COMMAND_INJECTION"] 
[hostname "xxxxxxxxxxx.com"] [uri "/administrator/index.php"] [unique_id "xxxxxxxxxxxxxxx"]
 

It doesn't like |id (vertical bar+i+d)

With this change my plugin could be used without further problem. Note: This symptom will not be unique to phocamaps.

Perhaps another methods of passing the plugin arguments would work (view=map, id=1) ?

Note: The complete modsecurity rule is probably the following (version 1.6.1)

Code: Select all

SecRule ARGS "(?:\b(?:(?:n(?:et(?:\b\W+?\blocalgroup|\.exe)|(?:map|c)\.exe)|t(?:racer(?:oute|t)|elnet\.exe|clsh8?|ftp)|(?:w(?:guest|sh)|rcmd|ftp)\.exe|echo\b\W*?\by+)\b|c(?:md(?:(?:32)?\.exe\b|\b\W*?\/c)|d(?:\b\W*?[\\\/]|\W*?\.\.)|hmod.{0,40}?\+.{0,3}x))|[\;\|\`]\W*?\b(?:(?:c(?:h(?:grp|mod|own|sh)|md|pp)|p(?:asswd|ython|erl|ing|s)|n(?:asm|map|c)|f(?:inger|tp)|(?:kil|mai)l|(?:xte)?rm|ls(?:of)?|telnet|uname|echo|id)\b|g(?:\+\+|cc\b))|\/(?:c(?:h(?:grp|mod|own|sh)|pp)|p(?:asswd|ython|erl|ing|s)|n(?:asm|map|c)|f(?:inger|tp)|(?:kil|mai)l|g(?:\+\+|cc)|(?:xte)?rm|ls(?:of)?|telnet|uname|echo|id)(?:[\'\"\|\;\`\-\s]|$))" \
        "phase:2,capture,t:none,t:htmlEntityDecode,t:lowercase,ctl:auditLogParts=+E,deny,log,auditlog,status:501,msg:'System Command Injection',id:'950006',tag:'WEB_ATTACK/COMMAND_INJECTION',logdata:'%{TX.0}',severity:'2'"

[Jan]

Hi, I don't know mod security, I will take a look at it. But it means, all Joomla! plugins should be overwritten because of this mod, because using "|" is standard in plugins

Jan