evocheck.php not showing anything (evo 1.04 )
wishbone-design opened this issue · 7 comments
Yes, I still have a 1.04 site running because of a lot of proprietary code.
Tried to find the double plugin - but -none.
Tried to run evocheck - doesn't show anything. Empty page.
Any guess?
Thx
Is it a Litespeed server?
If so, I had the same issue and I think this is what got it working for me...
- in the .htaccess file in the root folder, I had to disable mod_security like so:
<IfModule mod_security.c>
SecFilterEngine Off
SecFilterScanPOST Off
</IfModule>
- enable the manager .htaccess file by renaming it from ht.access (eg manager / .htaccess) that comes with Evolution and "Turn the filtering engine Off" with the code that is in the .htaccess file
# No redirect
RewriteEngine Off
<IfModule mod_security.c>
# Turn the filtering engine Off
SecFilterEngine Off
</IfModule>
Hopefully that helps.
ps I am not a programmer so may not be able to help with anything more technical than the above.
thx, nick0 !! no liteSpeed server. I added your suggestions both to root and manager .htaccess - no difference. Empty page.
@wishbone-design - I would be very careful doing a complete disable for mod_security on a site, it is there for a reason. Particularly if you are running an old MODX Evo version.
thx bossloper. had already returned it, cause no cure for my problem...
Which version / source of evocheck? Possibly it´s not compatible back to 1.04 but I need to check.
Also there is no guarantee that the pre-defined search-strings will find anything at all, if it is a new kind of hack.
the one from the repository, 0.1
I checked for double plugins in the DB - none found...
No worries @wishbone-design, worth a shot.
I would be very careful doing a complete disable for mod_security on a site, it is there for a reason. Particularly if you are running an old MODX Evo version.
Unfortunately on litespeed in my instances I need to do that otherwise lots of 403 / blank pages are shown when trying to save resources etc - and also annoying auto manager logouts seem to happen without it too.
Good luck @wishbone-design.