php - Why do I get HTTP 501 errors for certain requests? -
i've written simple webapp myself able edit files on server, when i'm @ place allows http , https ports...
but encountered weird problem it.
normally these headers exchanged when save file (confidential info removed):
https://example.com/? post /? http/1.1 host: example.com user-agent: mozilla/5.0 (windows nt 6.1; rv:36.0) gecko/20100101 firefox/36.0 accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 accept-language: hu-hu,en-us;q=0.8,hu;q=0.5,en;q=0.3 accept-encoding: gzip, deflate dnt: 1 referer: https://example.com/?path=/home/csirmazd/public_html/[...]/fs/view/login.php&view=preview cookie: [...] connection: keep-alive content-type: application/x-www-form-urlencoded content-length: 644 [...] http/1.1 303 see other date: sat, 28 mar 2015 14:57:40 gmt server: apache/2.2.29 (unix) mod_ssl/2.2.29 openssl/1.0.1e-fips mod_bwlimited/1.4 x-powered-by: php/5.4.36 expires: thu, 19 nov 1981 08:52:00 gmt cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 pragma: no-cache location: ?path=/home/csirmazd/public_html/[...]/fs/view/login.php&view=preview content-length: 0 keep-alive: timeout=5, max=100 connection: keep-alive content-type: text/html ---------------------------------------------------------- https://example.com/?path=/home/csirmazd/public_html/[...]/fs/view/login.php&view=preview /?path=/home/csirmazd/public_html/[...]/fs/view/login.php&view=preview http/1.1 host: example.com user-agent: mozilla/5.0 (windows nt 6.1; rv:36.0) gecko/20100101 firefox/36.0 accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 accept-language: hu-hu,en-us;q=0.8,hu;q=0.5,en;q=0.3 accept-encoding: gzip, deflate dnt: 1 referer: https://example.com/?path=/home/csirmazd/public_html/[...]/fs/view/login.php&view=preview cookie: [...] connection: keep-alive http/1.1 200 ok date: sat, 28 mar 2015 14:57:40 gmt server: apache/2.2.29 (unix) mod_ssl/2.2.29 openssl/1.0.1e-fips mod_bwlimited/1.4 x-powered-by: php/5.4.36 expires: thu, 19 nov 1981 08:52:00 gmt cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 pragma: no-cache keep-alive: timeout=5, max=99 connection: keep-alive transfer-encoding: chunked content-type: text/html; charset=utf-8 ----------------------------------------------------------
but when try save specific file, namely dir.php different:
https://example.com/? post /? http/1.1 host: example.com user-agent: mozilla/5.0 (windows nt 6.1; rv:36.0) gecko/20100101 firefox/36.0 accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 accept-language: hu-hu,en-us;q=0.8,hu;q=0.5,en;q=0.3 accept-encoding: gzip, deflate dnt: 1 referer: https://example.com/?path=/home/csirmazd/public_html/[...]/fs/view/dir.php&view=preview cookie: [...] connection: keep-alive content-type: application/x-www-form-urlencoded content-length: 4604 [...] http/1.1 501 method not implemented date: sat, 28 mar 2015 15:03:04 gmt server: apache/2.2.29 (unix) mod_ssl/2.2.29 openssl/1.0.1e-fips mod_bwlimited/1.4 allow: trace content-length: 458 connection: close content-type: text/html; charset=iso-8859-1 x-pad: avoid browser bug ----------------------------------------------------------
and message in browser
get / not supported.
what? why work else?
the underlying php code isn't invoked @ all.
first thought it's buggy .htaccess. if remember disabled it, having single rewriteengine on
in in root directory. don't think that's issue. (it still processes example.com/ invoking index.php it.)
my second thought maximum size of post requests small. can edit larger files without problems.
now ran out of ideas don't know look.
any ideas?
it seems root of problem modsecurity module on apache server installed hosting provider.
as others had issues on different site.
so tried experiment , posted same content random uri , got same error before. thing doesn't when submit code forms.
so obvious solution turning off.
in particular case there no option in cpanel turn off, managed bypass base64 encoding form content on client side.
Comments
Post a Comment