Amazon SES and PHPList SMTP Send as Root Issue

Sending PHPList mail through Amazon SES is actually quite easy to do, but there is one major problem if you are using WHM/cPanel.

You need to make sure this option is set to off under Home » Server Configuration » Tweak Settings, on the Mail tab:

Restrict outgoing SMTP to root, exim, and mailman (FKA SMTP Tweak)

With this on it breaks your outgoing SMTP user, so Amazon SES thinks you are not sending from a verified sender.

For more info on setting this up see here: http://www.silvatechsolutions.com/tech-tips/phplist-amazon-ses-perfect-together/

Apache Mod Security Remote File Injection Attempt jEditable

Another server migration and another error with one of my applications!

This took ages to figure out and needs to be remembered. With the latest version of mod_security you can’t run any AJAX calls that pass just a URL as a variable.

For example, value=http://vimeo.com throws the following error with mod_security:

[shell]
[msg "Atomicorp.com UNSUPPORTED DELAYED Rules: URL detected as argument, possible Remote File Injection attempt detected"] [data "TX:1"] [severity "CRITICAL"]
[/shell]

Even if the URL is escaped it still throws this error, which is very annoying. The only way I could fix it was by applying this patch to jEditable around line 335.

[code]
// Prepend a space to the first "http" so the submitted value no longer starts with a bare URL
submitdata[settings.name] = input.val().replace('http', ' http');
[/code]

This basically adds white space before the first occurrence of http, so the AJAX URL that is now submitted looks like value=+http://vimeo.com. Just having the + there lets me get past mod_security. Then on your server end, if you run a trim() function, you won’t get any white space of death anyway.

Phew…

cPanel Redirect and WordPress Mod Rewrite Problem

Recently I decided to change one of my permalinks on my site from /tests to /reviews. I also set up a redirect in cPanel to send any traffic from /tests to /reviews. This is essential as Google has already indexed /tests, so setting up a 301 redirect tells Google the page has moved and avoids a nasty 404 page not found error.

However, this didn’t work: once I made the redirect in cPanel I got a WordPress 404 error for both /tests and /reviews! This is because the redirect rule in your .htaccess file is added at the bottom of the file, after WordPress’s mod_rewrite rules. Simply move the cPanel redirect rule above the WordPress mod_rewrite block and all shall be fixed again.

Yay!

Apache Mod Security SQL Injections and Variable Names

We recently upgraded our server to one running a higher version of Apache mod_security. One of my jQuery edit-in-line HTTP POST requests was suddenly returning a 406 Not Acceptable error, which was pretty annoying.

It was because I was using a variable called type=varChar, which was used to define what sort of data was being sent. Apache mod_security was flagging this as:

[vb]
[msg "SQL Injection Attack"] [data "varchar"]
[/vb]

So I changed all occurrences of varChar to vc, which has now fixed the issue.

I will remember in future never to use variable names like that again.
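As an added example (not from the original post), the server-side alternative to renaming values or padding them with whitespace is to exclude only the parameter that trips the rule, on only the URL that sends it, so the rest of the rule set keeps running. It covers both the jEditable value=http://... case above and the type=varChar case here. The two paths and the RFI_RULE_ID / SQLI_RULE_ID values are placeholders, because the post quotes the [msg "..."] and [data "..."] fields of the log lines but not their [id "..."] field.

```apache
# Added example, not part of the original post. Load this after the rule set
# (for example from the "after" include directory of your ModSecurity setup).
# RFI_RULE_ID, SQLI_RULE_ID and both paths are placeholders: take the real
# values from the [id "..."] field of the matching mod_security log lines.
# The ids 1001 and 1002 are arbitrary local ids for the exclusion rules
# themselves and only need to be unique on this server.

# jEditable handler: the "value" parameter legitimately carries a URL.
SecRule REQUEST_FILENAME "@streq /path/to/jeditable-save.php" \
    "id:1001,phase:1,pass,nolog,t:none,\
    ctl:ruleRemoveTargetById=RFI_RULE_ID;ARGS:value"

# Inline-edit handler: the "type" parameter carries a data type name such as
# "varChar", which matches the SQL injection signature.
SecRule REQUEST_FILENAME "@streq /path/to/inline-edit.php" \
    "id:1002,phase:1,pass,nolog,t:none,\
    ctl:ruleRemoveTargetById=SQLI_RULE_ID;ARGS:type"
```

After reloading Apache, confirm the scope is right: the same value sent to any other URL, or in any other parameter, should still be blocked and logged.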

Fixing the HTTP upload problem if you password protect the wp-admin folder via Apache

Best to post this as it’s quite a handy trick. If you ever password protect the wp-admin directory via Apache (which is a good thing to help stop hacking attempts) you will notice it breaks the uploading of any media.

Just add the rules below to the .htaccess file inside the wp-admin directory.

[php]
# Require HTTP auth for everything in wp-admin (assumes the AuthType,
# AuthName and AuthUserFile directives are already present in this file)
<Files "*">
Require valid-user
</Files>

# Exempt the media upload handler so uploads from the editor work again;
# WordPress's own login cookie and nonce checks still apply to this request.
# Apache 2.2 syntax: on Apache 2.4, Allow/Satisfy need mod_access_compat.
<FilesMatch "^async-upload\.php$">
Allow from all
Satisfy any
</FilesMatch>
[/php]

WordPress and cPanel Password Protected Directories Problem

OK, here is a simple fix for when you add a password protected directory via cPanel but are using the Apache mod_rewrite rule for making search engine friendly URLs (permalinks).

For instance, a password protected directory ‘/protected’ will just come up with a 404 not found message on your WordPress site, as WordPress thinks it’s a permalink.

To fix this, just add the following to the top of the .htaccess file that cPanel generates inside the ‘/protected’ directory:

[code]
# Serve Apache's built-in 401 response instead of a custom error document,
# which WordPress's rewrite rules would otherwise intercept and turn into a 404
ErrorDocument 401 default
[/code]