Support Forums

Support Offline : Mon - Fri / 10am - 6pm (GMT +6)

Your Time: Our Time:

Front end editing not working

Featured Lock Resolved Bug
The issue of not being able to use front end editing on certain pages continues. I had started over with a new site but then discovered the same issues.

The .htaccess file is the original and Admin Tools is NOT installed. I don't have any other security components installed.

The server is running php 7.1, and I did try reverting to 7.0 but there was no change.
I reinstalled core files, but no change.

This is really really unreliable and there is no consistency to why some pages allow frontend editing and others do not.

In an earlier post that I have not been able to reply to, Mamun suggested an edit the .htaccess file to get permission for iframe content? Could tell me specifically what that should be?

More of the same error but this is what it looks like: https://screencast-o-matic.com/watch/cqVUYj3yWG

Please help. I can't imagine the inconsistency is expected, is it?

This is what is in the htaccess file:

##
# @package Joomla
# @copyright Copyright (C) 2005 - 2018 Open Source Matters. All rights reserved.
# @license GNU General Public License version 2 or later; see LICENSE.txt
##

##
# READ THIS COMPLETELY IF YOU CHOOSE TO USE THIS FILE!
#
# The line 'Options +FollowSymLinks' may cause problems with some server configurations.
# It is required for the use of mod_rewrite, but it may have already been set by your
# server administrator in a way that disallows changing it in this .htaccess file.
# If using it causes your site to produce an error, comment it out (add # to the
# beginning of the line), reload your site in your browser and test your sef urls. If
# they work, then it has been set by your server administrator and you do not need to
# set it here.
##

## No directory listings
<IfModule autoindex>
IndexIgnore *
</IfModule>

## Can be commented out if causes errors, see notes above.
Options +FollowSymlinks
Options -Indexes

## Mod_rewrite in use.

RewriteEngine On

## Begin - Rewrite rules to block out some common exploits.
# If you experience problems on your site then comment out the operations listed
# below by adding a # to the beginning of the line.
# This attempts to block the most common type of exploit `attempts` on Joomla!
#
# Block any script trying to base64_encode data within the URL.
RewriteCond %{QUERY_STRING} base64_encode[^(]*\([^)]*\) [OR]
# Block any script that includes a <script> tag in URL.
RewriteCond %{QUERY_STRING} (<|%3C)([^s]*s)+cript.*(>|%3E) [NC,OR]
# Block any script trying to set a PHP GLOBALS variable via URL.
RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
# Block any script trying to modify a _REQUEST variable via URL.
RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2})
# Return 403 Forbidden header and show the content of the root home page
RewriteRule .* index.php [F]
#
## End - Rewrite rules to block out some common exploits.

## Begin - Custom redirects
#
# If you need to redirect some pages, or set a canonical non-www to
# www redirect (or vice versa), place that code here. Ensure those
# redirects use the correct RewriteRule syntax and the [R=301,L] flags.
#
## End - Custom redirects

##
# Uncomment the following line if your webserver's URL
# is not directly related to physical file paths.
# Update Your Joomla! Directory (just / for root).
##

# RewriteBase /

## Begin - Joomla! core SEF Section.
#
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
#
# If the requested path and file is not /index.php and the request
# has not already been internally rewritten to the index.php script
RewriteCond %{REQUEST_URI} !^/index\.php
# and the requested path and file doesn't directly match a physical file
RewriteCond %{REQUEST_FILENAME} !-f
# and the requested path and file doesn't directly match a physical folder
RewriteCond %{REQUEST_FILENAME} !-d
# internally rewrite the request to the index.php script
RewriteRule .* index.php [L]
#
## End - Joomla! core SEF Section.

5 Answers

Toufiq - Staff

More than a month ago #Permalink
Hi there,

Could you send me the Joomla administrator access via PM?

-Thanks

Karen Dunne

More than a month ago #Permalink
Thank you Toufiq. I have sent a message to you.

Toufiq - Staff

More than a month ago #Permalink
Hi there,

Thanks for your PM. I have downloaded your site and run on my localhost. It works fine.

http://prntscr.com/mf30p3

Please contact your CloudFlare SSL certificate provider to unblock page builder resource

http://prntscr.com/mf30wx

-Thanks

Karen Dunne

More than a month ago #Permalink
Hi Toufiq,

Cloudflare is not enabled and the SSL certificate is working normally, according to my host provider, Liquid Web.

I did tell Liquid Web what you suspected though and they investigated further. I believe they found the source of the issue. I have now been able to save using the frontend editor due to an adjustment they made to the modsecurity settings with Apache.

Specifically, and for others who may be searching on this topic, Liquid Web stated: the error log showed "actions blocked by ModSecurity rule ID "30016: Generic MySQL injection protection". That rule helps provide additional protection against MySQL injections, and works in conjunction with around 3 other rules to provide overlapping protection. I have adjusted the rules so rule 300016 is not being enforced on" your domain.

Cheers,

Karen

Toufiq - Staff

More than a month ago #Permalink
Hi there,

Thank you so much for your explanation. I kept a backup of your site, then run into my pc without SSL & it works fine here. That's why I thought it was SSL issue. By the way, glad to hear that your problem solved.

http://prntscr.com/mgb3zz

Many thanks for your explanation.

Cheers :)

Toufiq


There are no replies made for this post yet.
However, you are not allowed to reply to this post.

Leaderboard (30 days)

Sifat

Sifat

Total Accepted Answers: 125
Paul Frankowski

Paul Frankowski

Total Accepted Answers: 120
Toufiq

Toufiq

Total Accepted Answers: 62
Pavel

Pavel

Total Accepted Answers: 5
Mohammed Ahmed

Mohammed Ahmed

Total Accepted Answers: 2

100+

Templates

200,000+

Community Users

Newsletter

Don’t miss any updates of our new templates and extensions and all the astonishing offers we bring for you.
We never spam

Joomla! ® name is used under a limited license from Open Source Matters in the United States and other countries. JoomShaper.com is not affiliated with or endorsed by Open Source Matters or the Joomla! Project.

Connect Us