Template Manager: cant save or edit

hi

i got the error message :

You don't have permission to access /haiti/administrator/index.php on this server.

Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.

any help

Can you do any other admin tasks or this only happens while editing an template.

Check admin folder for permissions. Standard joomla permissions are 644 for files and 755 for folders.

Check all files and folder permissions in ftp.

See you around...

Can you do any other admin tasks or this only happens while editing an template.

Check admin folder for permissions. Standard joomla permissions are 644 for files and 755 for folders.

Check all files and folder permissions in ftp.

See you around...

I can do everything else but i got only issues with the Templates Manager

Ive try to change permission but got the same thing ... I think i will just create a new database ans reinstall.. see if that will work....Ill let you know ..

Can you do any other admin tasks or this only happens while editing an template.

Check admin folder for permissions. Standard joomla permissions are 644 for files and 755 for folders.

Check all files and folder permissions in ftp.

See you around...

I can do everything else but i got only issues with the Templates Manager

Ive try to change permission but got the same thing ... I think i will just create a new database ans reinstall.. see if that will work....Ill let you know ..

STILL doesnt work after create a new DB.... Found out the issue is with the TemplatesDetails.xml but i cant really fix it ..
What i did was . i took one of my templateD file and replace in GK_fashion .. after that i was able to save ....but by doing that it screw up a lot of couple of things also.....

Please help

Please send an admin access and ftp access to normanuk [at] live.co.uk and I ll check this for you.

See you around...

Please send an admin access and ftp access to normanuk [at] live.co.uk and I ll check this for you.

See you around...

sent you the access..

Please check your email.

See you around...

Please check your email.

See you around...

i have tried a lot of things and nothing works ..it seems to be an issue with the Templates or the hosting provider i can say ,because both templates give me the same issues ...gk_music_free,,as well.

change permission doesnt change anything ... i think this is something else ..

i got a message from the provider last time, i dont if this is why thinks are not working for me :
We are sending out this e-mail to inform our customers that we are upgrading PHP versions from PHP 5.2 to PHP 5.3.
PHP 5.2 has a development status of EOL (End of Life) set by the PHP Group which means that it is no longer receiving security updates.

We feel that in order to provide our customers with the most secure and best service possible we need to ensure that we receive the most up to date security patches, otherwise it could potentially end up putting our clients at risk to attacks. We have already had quite a number of our customers requesting this upgrade. We are going to be scheduling the upgrade to PHP 5.3 for the week of July 23rd 2012. We feel that this will provide our customers with enough time to make appropriate adjustments to prepare for this upgrade.

The upgrade to PHP 5.3 should not create too many issues; it will primarily affect scripts which are using functions/features which have been deprecated from PHP 5.2. We recommend that you please check with your developers and, if needed, make necessary changes. If required, also update your third party-scripts to their latest versions. If you are unsure about compatibility of your third-party script with PHP 5.3, you will want to check with the developer of your script to make sure you are ready.

You can find a list of features that were deprecated in PHP 5.3 at: http://php.net/manual/en/migration53.deprecated.php


Summary: PHP 5.3 upgrade on Webhostingpad.com servers scheduled for week of July 23rd 2012; make sure your PHP scripts are compatible.

I have the same problem!!
Any solution for me?

Did you check for permissions in templates/gk_templatename folder and files.

We cannot reproduce this error in normal hosting / local servers so it must be related to hosting setup and file/folder permissions.

Check and let us know please.

As for info it is not related to php version as if that was the case you would see notice errors in php , but permission denied means file/folder permissions.

See you around...

Did you check for permissions in templates/gk_templatename folder and files.

We cannot reproduce this error in normal hosting / local servers so it must be related to hosting setup and file/folder permissions.

Check and let us know please.

As for info it is not related to php version as if that was the case you would see notice errors in php , but permission denied means file/folder permissions.

See you around...

I did everything in regards the permissions, last template i tried is the Restaurant one and it works ... i have issues only with 2 templates :Mucic free and Fashion.... all the rest works goods ...That<S pretty strange
By the wayy if i install :gk_music_free_J!25.zip..it works but the quickstart doesnt work ...

As I have suggested before If you can send a ftp access & admin access I can check it out for you.

See you around...

As I have suggested before If you can send a ftp access & admin access I can check it out for you.

See you around...

Info has been sent via PM..Thanks

Please check your email as I couldn't login to your ftp.

Can you please ask your host for following information.

If mod_security / mod_security2 is enabled in your account and if there are any rules triggered or if there are any security errors present.

Let me know their response.

See you around...

Please check your email as I couldn't login to your ftp.

Can you please ask your host for following information.

If mod_security / mod_security2 is enabled in your account and if there are any rules triggered or if there are any security errors present.

Let me know their response.

See you around...

hi

here the answer from Webhosting tech ..
The error you are seeing is because mod_security is blocking the access due to the insecure way of access your script is making and it can be exploited for file injection and remote file include and in a wrong hands this vulnerability can be exploited and can be used for hacking your own account and it in turn will affect the server so the solution here is to contact any developers and fix that vulnerability by changing the way your script access the URLs and pass the values and that will make your site more secure and will help it from getting hacked or getting uploaded with malicious contents and this feature which is blocking your access now is for your own security so instead of us disabling it what you need to do is to fix it and thats the permanent solution for it and that will be helpful for you in the long run and adds security to your site. Hope you have understood the situation and expecting your co-operation in this.

If they can send you or us an error log so we can see what is triggering what then we will investigate and decide if its necessary to make any changes.

Without seeing error logs we cant make any changes. Mean while I'll still pass this to our developers.

See you around...

If they can send you or us an error log so we can see what is triggering what then we will investigate and decide if its necessary to make any changes.

Without seeing error logs we cant make any changes. Mean while I'll still pass this to our developers.

See you around...

From Webhosting
It seems to be an issue with mod_security rule. I have disabled the rule in your account.

then it works

i hope by turn it off this option,do you know if the the site will be less secure as it mentioned earlier ??

Mod_security is a web application firewall, just like normal computer firewall and has many rules regarding what goes out and what comes in so leaving it that rule disabled just opens you up to a slew of other potential security threats which that rule was meant to stop.

There’s always a potential issue with Joomla or Wordpress or any other cms system or web application on domains with Mod Security enabled. Developers are not security experts and never will be. If they would then there wouldn't be any need for mod_security as they would of developed their application with a firewall around it

You can see problems mainly on page saving and publishing, Joomla / component / module initiates a postback to a .php file and passes your content through the post array, this operation is done blindly via an ajax request or similar, but the same basic principle applies. If you have Mod Security activated on your account, the contents of the postback (or ajax call) are subject to the security rules put in place by Mod Security. As a result, if you try to include the term “.htaccess” in your post, or any other content flagged by Mod Security as being a potential security risk, the content effectively gets scrubbed and blocked by the security rules.

The approach is to isolate the rules and whitelist the applicable pages so that everything works again. There’s two approaches for disabling the Mod Security rules for the specific files: you can disable Mod Security on just those files, or isolate the specific rules that are impacting functionality and disable just those rules (on those specific files). While disabling Mod Security for those files is a lot easier than identifying the rules, it still leaves you vulnerable to other security risks; the best approach here is to isolate the specific rules.

Your Mod Security log should be capturing events that it doesn’t like, so it should be fairly easy to identify the rules and files causing these errors. Such as error 333, 444, 666 or similar numbers. So instead of disabling Mod Security they can add the offending file along with the rule in to whitelist so it doesn't trigger any alarms in your website. This is similar to adding files / folder in to exception list or adding your known websites or urls in to a white list in a normal computer firewall.

In your computer you wouldn't turn off your firewall you just add exceptions so I don't understand why your host has disabled mod_security rule completely rather then saying xxxx.file is triggering yyy.ruleset and they can add that file in to whitelist so it doesn't trigger anything as you know it is safe as it is the module itself.

I hope this is clear enough explanation as to what is actually happening.

See you around...

Mod_security is a web application firewall, just like normal computer firewall and has many rules regarding what goes out and what comes in so leaving it that rule disabled just opens you up to a slew of other potential security threats which that rule was meant to stop.

There’s always a potential issue with Joomla or Wordpress or any other cms system or web application on domains with Mod Security enabled. Developers are not security experts and never will be. If they would then there wouldn't be any need for mod_security as they would of developed their application with a firewall around it

You can see problems mainly on page saving and publishing, Joomla / component / module initiates a postback to a .php file and passes your content through the post array, this operation is done blindly via an ajax request or similar, but the same basic principle applies. If you have Mod Security activated on your account, the contents of the postback (or ajax call) are subject to the security rules put in place by Mod Security. As a result, if you try to include the term “.htaccess” in your post, or any other content flagged by Mod Security as being a potential security risk, the content effectively gets scrubbed and blocked by the security rules.

The approach is to isolate the rules and whitelist the applicable pages so that everything works again. There’s two approaches for disabling the Mod Security rules for the specific files: you can disable Mod Security on just those files, or isolate the specific rules that are impacting functionality and disable just those rules (on those specific files). While disabling Mod Security for those files is a lot easier than identifying the rules, it still leaves you vulnerable to other security risks; the best approach here is to isolate the specific rules.

Your Mod Security log should be capturing events that it doesn’t like, so it should be fairly easy to identify the rules and files causing these errors. Such as error 333, 444, 666 or similar numbers. So instead of disabling Mod Security they can add the offending file along with the rule in to whitelist so it doesn't trigger any alarms in your website. This is similar to adding files / folder in to exception list or adding your known websites or urls in to a white list in a normal computer firewall.

In your computer you wouldn't turn off your firewall you just add exceptions so I don't understand why your host has disabled mod_security rule completely rather then saying xxxx.file is triggering yyy.ruleset and they can add that file in to whitelist so it doesn't trigger anything as you know it is safe as it is the module itself.

I hope this is clear enough explanation as to what is actually happening.

See you around...

Thanks for the great info about mod Security .. i will send this to them see if they can do that ..

Thanks again