[MediaWiki-l] RedirectSpecialPage.php Shared Host File Deletion

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

[MediaWiki-l] RedirectSpecialPage.php Shared Host File Deletion

WikiMedia General mailing list
So, I'm just thinking out loud here to blow off steam.  I've seen
mod_security block MW edits and some other weird things on shared hosting.

Apparently, a shared host I admin for a project must have enabled some type
of proactive scanning with ClamAV or more like a ClamAV Frankenstein and it
is throwing false positive on RedirectSpecialPage.php. Trying to add it back
manually, I can create the file but as soon as I add in the code. the host
deletes it. I tried uploading it. Denied with message ->

"The file you uploaded, RedirectSpecialPage.php, contains a virus so the
upload was canceled: YARA.blackhole_basic.UNOFFICIAL FOUND"

Obvious it is a false positive, but WOW. Posting just in case someone else
is dealing with a stupid hosting provider who likes to flip switches and
fails to poll then review the consequences before actually flipping the
switches.

Tom


_______________________________________________
MediaWiki-l mailing list
To unsubscribe, go to:
https://lists.wikimedia.org/mailman/listinfo/mediawiki-l
Reply | Threaded
Open this post in threaded view
|

Re: RedirectSpecialPage.php Shared Host File Deletion

Jeffrey Walton
On Mon, Aug 17, 2020 at 3:09 PM Tom Hutchison via MediaWiki-l
<[hidden email]> wrote:

>
> So, I'm just thinking out loud here to blow off steam.  I've seen
> mod_security block MW edits and some other weird things on shared hosting.
>
> Apparently, a shared host I admin for a project must have enabled some type
> of proactive scanning with ClamAV or more like a ClamAV Frankenstein and it
> is throwing false positive on RedirectSpecialPage.php. Trying to add it back
> manually, I can create the file but as soon as I add in the code. the host
> deletes it. I tried uploading it. Denied with message ->
>
> "The file you uploaded, RedirectSpecialPage.php, contains a virus so the
> upload was canceled: YARA.blackhole_basic.UNOFFICIAL FOUND"
>
> Obvious it is a false positive, but WOW. Posting just in case someone else
> is dealing with a stupid hosting provider who likes to flip switches and
> fails to poll then review the consequences before actually flipping the
> switches.

Yeah, mod_security does get a bit aggressive. The one annoys me is the
horizontal rule I sometimes use as a break instead of a full blown
heading, like H4 or H5:

  -----

mod_security blocks that when the first two chars in a line are dash.
I often have to turn off mod_security to submit the page.

Jeff

_______________________________________________
MediaWiki-l mailing list
To unsubscribe, go to:
https://lists.wikimedia.org/mailman/listinfo/mediawiki-l