Since my last post, i've had a few people ask me what happens if they're with a hosting service that doesn't want to adopt the changes I mentioned to get Zen-Cart to work properly.
The answer, yes -- if you're stuck with a site that doesn't (or can't) use the changes above, you can filter them yourself, using the .htaccess files method that Zen-Cart uses.
Of course, this method has a few prerequisites:
- Your hosting provider uses the standard GotRoot Rules for mod_security (ie. they haven't modified any of the ID's).
- Your hosting provider allows the use of .htaccess files (if you can install Zen-Cart on your host at all, this is probably true).
To make this work, you need to edit two files, the main .htaccess file and the admin/.htaccess file.
important note: These changes are Case Sensitive, make sure you copy them exactly as written (or better than that, Copy-and-Paste them directly into your editor software).
Firstly, edit the main .htaccess file and add the following lines to the bottom:
<IfModule mod_security.c>
<LocationMatch "/ipn_main_handler.php">
SecFilterRemove 300015
SecFilterRemove 300016
</LocationMatch>
</IfModule>
Save this file and upload it to your webhost, this should disable the required rules to make the PayPal IPN processor work correctly.
Next, edit your admin/.htaccess (if you have renamed your admin/ directory as suggested by the Zen-Cart instructions, put that directory name in instead) file and add the following lines to the bottom:
<IfModule mod_security.c>
<LocationMatch "/admin/attributes_controller.php">
SecFilterRemove 300015
</LocationMatch>
<LocationMatch "/admin/newsletters.php">
SecFilterRemove 300015
SecFilterRemove 300016
</LocationMatch>
<LocationMatch "/admin/product.php">
SecFilterRemove 300015
SecFilterRemove 300016
</LocationMatch>
</IfModule>
Save this file and upload it to your webhost, this should disable the required rules to make the Administration Pages work correctly.
No comments:
Post a Comment