Hi all,
Since two days ago we are receiving the following error message: "You don't have permission to access /ojs/index.php/rlmm/user/email on this server." everytime we try to send an email to any authors/editors/members.
For example, if you click the "mail icon" above the Editor name or Corresponding Author name you are directed to a white page with the above message.
Can you help me figure out this problem???.
Best regards,
Error Message when trying to send email to authors!!
Moderators: jmacgreg, michael, jheckman, barbarah, btbell, bdgregg, asmecher
Forum rules
What to do if you have a technical problem with OJS:
1. Search the forum. You can do this from the Advanced Search Page or from our Google Custom Search, which will search the entire PKP site. If you are encountering an error, we especially recommend searching the forum for said error.
2. Check the FAQ to see if your question or error has already been resolved.
3. Post a question, but please, only after trying the above two solutions. If it's a workflow or usability question you should probably post to the OJS Editorial Support and Discussion subforum; if you have a development question, try the OJS Development subforum.
What to do if you have a technical problem with OJS:
1. Search the forum. You can do this from the Advanced Search Page or from our Google Custom Search, which will search the entire PKP site. If you are encountering an error, we especially recommend searching the forum for said error.
2. Check the FAQ to see if your question or error has already been resolved.
3. Post a question, but please, only after trying the above two solutions. If it's a workflow or usability question you should probably post to the OJS Editorial Support and Discussion subforum; if you have a development question, try the OJS Development subforum.
7 posts
• Page 1 of 1
Error Message when trying to send email to authors!!
by lorenzoat » Tue May 08, 2012 7:34 am
- lorenzoat
- Posts: 24
- Joined: Sat Apr 10, 2010 9:41 am
Re: Error Message when trying to send email to authors!!
by asmecher » Tue May 08, 2012 7:49 am
Hi lorenzoat,
You probably have a firewall that is mistakenly triggering the denial message based on the page contents. I'd suggest trying to temporarily disable it in order to see if that's the problem or not; if that changes the behavior, you may need to fine-tune its ruleset.
Regards,
Alec Smecher
Public Knowledge Project Team
You probably have a firewall that is mistakenly triggering the denial message based on the page contents. I'd suggest trying to temporarily disable it in order to see if that's the problem or not; if that changes the behavior, you may need to fine-tune its ruleset.
Regards,
Alec Smecher
Public Knowledge Project Team
- asmecher
- Posts: 5768
- Joined: Wed Aug 10, 2005 12:56 pm
Re: Error Message when trying to send email to authors!!
by lorenzoat » Tue May 08, 2012 8:01 am
Hi Alec,
We are using a shared service at webhostingpad.com.
I verify on my Cpanel account and I could not find any "firewall" setting.
If you are talking about the computer I am working with. I had tried 4 diff. computers and Firefox, IExplore and Chrome.
Any more suggestions?.
Thanks,
Regards,
We are using a shared service at webhostingpad.com.
I verify on my Cpanel account and I could not find any "firewall" setting.
If you are talking about the computer I am working with. I had tried 4 diff. computers and Firefox, IExplore and Chrome.
Any more suggestions?.
Thanks,
Regards,
- lorenzoat
- Posts: 24
- Joined: Sat Apr 10, 2010 9:41 am
Re: Error Message when trying to send email to authors!!
by asmecher » Tue May 08, 2012 8:18 am
Hi lorenzoat,
The email send form contains the words "delete" and "from" in it, and we've had reports of at least one server-side firewall that intervenes in that situation because it suspects an SQL injection attack. The content on the page is totally innocent ("delete" is used in the button that deletes attachments from the message, and "from" is used to indicate the sending email address) but unfortunately the firewall overreacts. There's not much we can do from within OJS except e.g. to rename the delete button to something more obscure. We've only heard of this second-hand, however, so I don't have any specific recommendations beyond investigating whatever firewall software you have. It's probably something server-side. There are other threads about this on the forum, and those might have more specific information.
That's assuming my diagnosis is correct, but I think it's likely.
Regards,
Alec Smecher
Public Knowledge Project Team
The email send form contains the words "delete" and "from" in it, and we've had reports of at least one server-side firewall that intervenes in that situation because it suspects an SQL injection attack. The content on the page is totally innocent ("delete" is used in the button that deletes attachments from the message, and "from" is used to indicate the sending email address) but unfortunately the firewall overreacts. There's not much we can do from within OJS except e.g. to rename the delete button to something more obscure. We've only heard of this second-hand, however, so I don't have any specific recommendations beyond investigating whatever firewall software you have. It's probably something server-side. There are other threads about this on the forum, and those might have more specific information.
That's assuming my diagnosis is correct, but I think it's likely.
Regards,
Alec Smecher
Public Knowledge Project Team
- asmecher
- Posts: 5768
- Joined: Wed Aug 10, 2005 12:56 pm
Re: Error Message when trying to send email to authors!!
by lorenzoat » Tue May 08, 2012 8:31 am
Hi Alec,
I called the "Support/Customer Center" of my webhosting provider.
At the end it was a new mod_security rule that was originating this weird behavior.
Now, our OJS installation is running smoothly as usually..
Thanks for your quick support and patience..
Best regards,
I called the "Support/Customer Center" of my webhosting provider.
At the end it was a new mod_security rule that was originating this weird behavior.
Now, our OJS installation is running smoothly as usually..
Thanks for your quick support and patience..
Best regards,
- lorenzoat
- Posts: 24
- Joined: Sat Apr 10, 2010 9:41 am
Re: Error Message when trying to send email to authors!!
by wblandon » Thu May 17, 2012 7:10 am
Hi lorenzoat.
We disabled mod_security in Apache and the problem was resolved. what rules do you enable on mod_security for OJS work without disable this module? We have Fedora 16.
Thanks.
We disabled mod_security in Apache and the problem was resolved. what rules do you enable on mod_security for OJS work without disable this module? We have Fedora 16.
Thanks.
- wblandon
- Posts: 26
- Joined: Fri Apr 27, 2012 2:25 pm
Re: Error Message when trying to send email to authors!!
by lorenzoat » Thu May 17, 2012 8:22 am
Hi wblandon,
Actually, I don't know the answer to your question. The server admin just disable completely the mod_security.
Regards,
Actually, I don't know the answer to your question. The server admin just disable completely the mod_security.
Regards,
- lorenzoat
- Posts: 24
- Joined: Sat Apr 10, 2010 9:41 am
7 posts
• Page 1 of 1
Return to OJS Technical Support
Who is online
Users browsing this forum: No registered users and 6 guests