Access Denied when editing PHP/HTML code block
I've looked at the setting for the PHP code block. Since there were only two, it wasn't apparent to me that those settings were the cause.
We had the same installation active on another server where these arrays worked without issue. Ever since the move, I have always gotten the access denied error messages. I resorted to editing the code directly in the DB. This led me to believe that it wasn't actually causing the code block to error out in any way. The code works fine with no issues at all when I change it in the DB.
Another step that I took was to ensure that all of the PHP settings (and version) on cPanel were the same, as well as making sure that the admin privilege on the area was set to admin, as it was on our previous installation.
Does anyone have any other ideas as to what might be causing an Access Denied error message when editing the PHP code blocks? We have the ability to change most of the common server settings if need be.
Any help would be greatly appreciated!
I'd have a look to see Mod Security is installed/enabled, whether any rules are being triggered and either whitelist the rules if they are (or temporarily turn of mod security for this single task).
One question now. Where/How can I whitelist the rules that are causing the Access Denied error to be thrown?
They should be able to look at their modsec logs and spot the error against your domain, especially if you let them know the URL that it would have posted the data to.
Interestingly this is a problem I've tried (and hopefully succeeded) to work around with a block I recently submitted to the marketplace:http://www.concrete5.org/marketplace/addons/code-display/...
In that block I base64 encode the submitted data on the browser side and un-encode it on the server side, so mod security just sees a bunch of random text.
If you're prepared to hack the block you are using, you might be able to look how I've done that and apply the same approach.