Get.php - Strangest Error ever


#1

Hi everyone!

Lately I had a presentation about PHP and when I came to the point of $_GET and $_POST I gave my audience a task:
"Create a file “get.php” and then do somthing with $_GET usw…"
Everyone had access to my dreamhost-server and they started working.

Now there comes the problem, when you create the file “get.php” in any folder (my account is @helsinki and I tested it also @gravano) and you put a “?” after the “get.php” -> “get.php?” you get the Error:
"Service Temporarily Unavailable

The server is temporarily unable to service your request due to maintenance downtime or capacity problems. Please try again later."

When you rename the file or don’t use get-variables there won’t be any problem!

Can anyone explain that logically to me??
Does that Problem only occure on the helsinki & gravano or on all servers?

Here’s also an example:
http://my-gate.net/get.php?

Thanks for any help!

Regars
My-Gate.NET

Visit My-Gate.NET!


#2

The filename “get.php” matches one of our mod_security rules (which is intended to catch common scripted exploits):

[Wed Feb 10 12:19:35 2010] [error] [client 127.0.0.1] ModSecurity: Access denied with code 503 (phase 2). Pattern match "/(new(cmd|command)|(cmd|command)[0-9] |pro18|shell|sh|bash|get|root|spy|nmap|asc|lila) \\.(c|dat|gif|jpe?g|jpeg|png|sh|txt|bmp|dat|txt|js|htm|html|tmp|php|asp)\\?" at REQUEST_URI. [file "/dh/apache2/template/etc/mod_sec2/gotroot/50_asl_rootkits.conf"] [line "39"] [hostname "example.dreamhost.com"] [uri "/get.php"]Your best bet is to either use a different filename, or to disable mod_security on that domain.


#3

Thanks for reply, but why can’t it just show that.
The 503 Error doesn’t make any sense. Acces Denied would propably make more sens, although it wouldn’t help either…

And I spend a lot of time trying to find the problem…

Visit My-Gate.NET!


#4

Well, there are a log of potential ways it could have been handled but, that said, and with respect, did you check the error log? Mod_security trapped requests are clearly displayed as such in your error.log file.

Generally, starting your search for the cause of an error by reviewing the error log saves quite a lot of time. :wink:

–rlparker
–DreamHost Tech Support


#5

Hehe, never consulted that one… =)
But thanks for the hit, I’ll check it next time!

My-Gate.NET


Visit My-Gate.NET!