English
Brasil
Dansk
Deutsch
Español
Français
Italiano
Magyar
Nederlands
Polski
Türkçe
Русский
简体中文Announcement
- [2013-04-19] Piwigo 2.5.1
- [2013-04-08] New server for Piwigo.org
- [2013-04-01] Piwigo and Zenphoto to join forces!
- [2013-03-04] Piwigo 2.5
- [2013-02-23] Piwigo 2.5.0RC2
- Forum Index
- » How-To and Troubleshooting
- » upload
Post a reply
Topic review (newest first)
- Andrej
- 2012-05-25 16:05:08
I noticed that this error (HTTP 406) mostly occurs on servers which are running the ModSecurity tools. There is an item in the blacklist which will prevent items uploaded with the Shockwave mime-type to be saved to the server as a prevention against hacking. All you need to do is whitelist this rule on the server for the affected line. Your hosting company should be able to do this for you if they are worth their salt.
Here is an outline for cpanel for all you web hosters who got asked to do this and want to be worth your salt;)
First, trip the rule yourself by trying to upload a file through the flash uploader. Check the error messages on the server relating to ModSecurity:
tail -n100 /usr/local/apache/logs/error_log | grep ModSec
You should find something like this:
[Fri May 25 09:41:26 2012] [error] [client 123.45.67.89] ModSecurity: Access denied with code 406 (phase 2). Pattern match "^Shockwave Flash" at REQUEST_HEADERS:User-Agent. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "203"] [hostname "images.domain.com"] [uri "/admin/include/uploadify/uploadify.php"] [unique_id "T7@MBTIcTDQAAH21mHoAAAAG"]
406, eh? Sounds familiar. This tells you which script tripped the rule (/admin/include/uploadify/uploadify.php, starting from the docroot), and where the rule is located (/usr/local/apache/conf/modsec2.user.conf). As this error message did not include an ID, you will need to add one to the modsec2.user.conf file (on line 203, as it states). Here is the old line:
SecRule HTTP_User-Agent "^Shockwave Flash"
And the new line:
SecRule HTTP_User-Agent "^Shockwave Flash" "id:1234567"
I picked an arbitrary number higher than 1000000 to prevent myself from overlapping any other numbered rules. Finally, add an exception to the rule in the whilelist document, which for cpanel servers is in /usr/local/apache/conf/modsec2/whitelist.conf:
<LocationMatch "/admin/include/uploadify/uploadify.php">
secruleremovebyid 1234567
</LocationMatch>
This will keep the Shockwave rule in place for the remainder of the server, but turn it off just for this one php script. Restart apache:
service httpd restart
Finally, test the uploads and make sure they work! If you're still having errors, check for new ModSec rules in the error log. As you can tell from the error message, I accessed piwigo from a subdomain. If you access the piwigo site in more than one way (like from images.domain.com or from domain.com/images), then you will need to add another LocationMatch entry in the whitelist for the same script, but starting with /images/admin... to catch this location as well.
Enjoy mass multiple file uploads :)
- Dantek
- 2012-02-17 08:17:48
Hi all,
I'd like to share my case
i uploaded images in to album. But there were chance that some images would never be uploaded and the HTTP Error (406) occurred after 100% progress was displayed
I have tried to upload another images, it's ok with another images but not the image with error, even i rename those image name.
i've found out what cause the HTTP Error (406)
Dan
- aleph
- 2010-09-23 22:10:09
Thanks for taking a look at it. I use firefox and vista home. Will try tomorrow with another environment. But since it works with pLoader, I am fine.
thank you for that great software and your support! I really like it - despite of the difficulties at the beginning. :) I am sure that it will work fine tomorrow.
- plg
- 2010-09-23 22:06:33
I made a test on aleph gallery and I had no problem, either with a small photo (<100KB) or with a big photo (>3MB). I suppose the problem is related to web browser and operating system. aleph, what is your environment?
- aleph
- 2010-09-23 21:56:08
pLoader works!
- Eric
- 2010-09-23 21:35:49
plg wrote:
aleph wrote:
Funny thing. It seems as if uploads work when I use the old style upload form. multiple files form does not work. makes no sense...
it does make a lot of sense. The "old style form" is a pure HTML form while the "multiple file" form is a Flash + Javascript uploader : it can make a big difference. I'm still interested in a temporary access to your administration.
plg has better knowledge than me on this part. I spend hand. ;-)
- plg
- 2010-09-23 21:31:03
aleph wrote:
Funny thing. It seems as if uploads work when I use the old style upload form. multiple files form does not work. makes no sense...
it does make a lot of sense. The "old style form" is a pure HTML form while the "multiple file" form is a Flash + Javascript uploader : it can make a big difference. I'm still interested in a temporary access to your administration.
- aleph
- 2010-09-23 21:19:11
Funny thing. It seems as if uploads work when I use the old style upload form. multiple files form does not work. makes no sense...
- aleph
- 2010-09-23 21:12:07
It didn't work with other pictures as well. Thank you very much for your kind help. I sent the link to my gallery via PM.
- Eric
- 2010-09-23 21:02:03
aleph wrote:
Now I see the problem: The picture is not even being uploaded. It sais "Error 406". What is that?
An error must have occurred during upload. Try again with another picture. If it doesn't work, your hosting server could not support this feature.
aleph wrote:
In my "galleries"-folder there is only one file: index.php
Shouldn't there be a upload folder or something like that?
No, galleries folder is only for FTP uploads. When using the integrated module, the pictures are uploaded in "upload" folder.
Is your gallery online? Could you give a link (in PM if necessary)?
- aleph
- 2010-09-23 20:24:56
In my "galleries"-folder there is only one file: index.php
Shouldn't there be a upload folder or something like that?
- aleph
- 2010-09-23 20:13:42
Now I see the problem: The picture is not even being uploaded. It sais "Error 406". What is that?
- Eric
- 2010-09-23 18:27:55
Sync (for synchronization) is only used with FTP upload. So don't matter ;-)
Before adding your pictures using integrated module, you have chosen an existing category or added a new one and checked "Who can see these photos?". After uploading, you had to see a page showing the number of pictures sent and the chosen category. If this category is no public access, nobody can see or what is inside.
Therefore check the permissions for this category. Go in User > Manage (for single user autorizations) or User > Group (for groups autorizations) to check categories access permissions.
- aleph
- 2010-09-23 18:11:24
I just used the integrated module, picked a picture and a category and uploaded. I think I am not running a sync (what is it anyway?).
Thanks
- Eric
- 2010-09-23 17:54:42
How did you upload your pictures? Via FTP? By pLoader? Through the integrated administration module to add photo ?
Do you run a sync?