An open community 
of Macintosh users,
for Macintosh users.

FineTunedMac Dashboard widget now available! Download Here

Previous Thread
Next Thread
Print Thread
Changing FTM theme...
#10918 07/11/10 07:53 AM
Joined: Aug 2009
Likes: 15
OP Online

Joined: Aug 2009
Likes: 15
My current FTM theme is ubbthreads_finetunedmac, but when I just tried to select a new theme (or even reselect my current theme) I was, in all instances, taken to a page that told me:

"403 Forbidden
You have requested a file that the server has been instructed not to give you access to. Please try one of the links above.

/forums/ubbthreads.php?ubb=changeprefs&what=style&value=1&curl=http%3A%2F%2Fwww.finetunedmac.com%2Fforums%2Fubbthreads.php%3Fubb%3Dnewpost%26Board%3D11 on www.finetunedmac.com"


When I clicked back to my starting point, though, the theme drop-down reflected my change, but my screen remained ubbthreads_finetunedmac.

Huh? confused


The new Great Equalizer is the SEND button.

In Memory of Harv: Those who can make you believe absurdities can make you commit atrocities. ~Voltaire
Re: Changing FTM theme...
artie505 #10920 07/11/10 12:09 PM
Joined: Aug 2009
cyn Online
Administrator
Online
Administrator

Joined: Aug 2009
I can change styles via My Stuff > Edit Preferences. Using the Style Chooser menu at the bottom of a page, however, I encounter the same problem Artie did.

The URL of the 403 page and the corresponding file shown in the message depend on which style I selected (the "value=" number) and where I was when trying to switch (what follows "curl=").

Starting at http://www.finetunedmac.com/forums/ and selecting ubbthreads-dark the URL is:
http://www.finetunedmac.com/forums/ubbthreads.php?ubb=changeprefs&what=style&value=2&curl=http%3A%2F%2Fwww.finetunedmac.com%2Fforums%2F

So the file in the error message is:
/forums/ubbthreads.php?ubb=changeprefs&what=style&value=2&curl=http%3A%2F%2Fwww.finetunedmac.com%2Fforums%2F

Though the URL indicates a forum page what I see is FTM.com with the logo missing and the 403 Forbidden message in place of the content.


FineTunedMac Forums Admin
Re: Changing FTM theme...
cyn #10928 07/11/10 07:15 PM
Joined: Aug 2009
Likes: 15
OP Online

Joined: Aug 2009
Likes: 15
> Though the URL indicates a forum page what I see is FTM.com with the logo missing and the 403 Forbidden message in place of the content.

Starting from the page with your response I wind up at the same place, but with the logo.


The new Great Equalizer is the SEND button.

In Memory of Harv: Those who can make you believe absurdities can make you commit atrocities. ~Voltaire
Re: Changing FTM theme...
artie505 #10945 07/13/10 04:16 AM
Joined: Aug 2009
Likes: 1
Offline

Joined: Aug 2009
Likes: 1
Okay, now that's bizarre! I can confirm it is happening to me as well. I'll investigate and let you know what I find.


Photo gallery, all about me, and more: www.xeromag.com/franklin.html
Re: Changing FTM theme...
cyn #10949 07/13/10 02:02 PM
Joined: Aug 2009
Likes: 1
Moderator
Offline
Moderator

Joined: Aug 2009
Likes: 1
Originally Posted By: cyn
I can change styles via My Stuff > Edit Preferences. Using the Style Chooser menu at the bottom of a page, however, I encounter the same problem Artie did.

FWIW, I can confirm this behavior, including the observation that a style change works perfectly fine when using the pulldown menu in display prefs item #7 instead of the one at the bottom of the page. While bizarre, it seems to point to a specific location for the issue.


alternaut moderator
Re: Changing FTM theme...
alternaut #11003 07/17/10 09:09 AM
Joined: Aug 2009
Likes: 1
Offline

Joined: Aug 2009
Likes: 1
I've been wrestling with this without success. Might be time to get UBB tech support involved; nothing I've tried has worked. frown


Photo gallery, all about me, and more: www.xeromag.com/franklin.html
Re: Changing FTM theme...
tacit #11073 07/22/10 02:55 AM
Joined: Aug 2009
Likes: 1
Offline

Joined: Aug 2009
Likes: 1
I have discovered the cause of this problem and I'm working on a fix.

The problem isn't with UBB.threads or with FTM directly, so it was a beast to find. The problem is actually with a security program running on the server that FTM is living on.

We are now running on a highly secure server to help mitigate against future denial of service attacks like the one we experienced a while back.Part of the server's security setting includes a mod_security rule that prevents scripts from running if they contain a URL within the parameter, to guard against people attempting to hijack any redirectors on our server in order to redirect to spam or virus settings. This is also interfering with changing the theme via the popup menu. I'm looking into a fix right now.


Photo gallery, all about me, and more: www.xeromag.com/franklin.html
Re: Changing FTM theme...
tacit #11074 07/22/10 04:17 AM
Joined: Aug 2009
Likes: 1
Offline

Joined: Aug 2009
Likes: 1
UPDATE: The problem has now been resolved! I'm now seeing the popup menu for selecting themes working correctly. smile


Photo gallery, all about me, and more: www.xeromag.com/franklin.html
Re: Changing FTM theme...
tacit #11081 07/22/10 01:09 PM
Joined: Aug 2009
Likes: 1
Moderator
Offline
Moderator

Joined: Aug 2009
Likes: 1
Nice job, thanks! I assume your fix won't affect server security. shocked smirk


alternaut moderator
Re: Changing FTM theme...
alternaut #11096 07/22/10 09:24 PM
Joined: Aug 2009
Likes: 1
Offline

Joined: Aug 2009
Likes: 1
It shouldn't, no An exemption to the rule was made just for the script that changes the theme. smile


Photo gallery, all about me, and more: www.xeromag.com/franklin.html
Re: Changing FTM theme...
tacit #11099 07/23/10 03:42 AM
Joined: Aug 2009
Likes: 15
OP Online

Joined: Aug 2009
Likes: 15
Great detective work. cool

Did the fix come from your end or from the server end? (I'd be interested in a brief explanation of how you tracked the issue to the server.)

Last edited by artie505; 07/23/10 03:44 AM. Reason: Did the fix...

The new Great Equalizer is the SEND button.

In Memory of Harv: Those who can make you believe absurdities can make you commit atrocities. ~Voltaire
Re: Changing FTM theme...
artie505 #11104 07/24/10 08:26 AM
Joined: Aug 2009
Likes: 1
Offline

Joined: Aug 2009
Likes: 1
The fix came from the server end; the Web hosting company had to change the security settings.

I tracked it down when I started seeing a very similar problem on another site I run. The same mysterious 403 Forbidden error was popping up, and the "a-ha" moment came when I noticed that both sites that were experiencing the error had a URL being passed as a parameter to a PHP script. So I went into the Web host's troubleshooting section, and discovered that they block any script that uses a URL as a parameter.


Photo gallery, all about me, and more: www.xeromag.com/franklin.html
Re: Changing FTM theme...
tacit #11109 07/24/10 02:48 PM
Joined: Aug 2009
Likes: 16
Moderator
Offline
Moderator

Joined: Aug 2009
Likes: 16
Great catch!


If we knew what it was we were doing, it wouldn't be called research, would it?

— Albert Einstein
Re: Changing FTM theme...
joemikeb #11111 07/24/10 08:36 PM
Joined: Aug 2009
Offline

Joined: Aug 2009
indeed! thanks for the hard work, tacit!

now if we only had more styles to choose from... wink


MacBook 2.4 Ghz · 4 Gb ram · 10.7.5
stuff I'm interested in
iPhone 4s 7.0.2
Re: Changing FTM theme...
tacit #11118 07/25/10 05:57 AM
Joined: Aug 2009
Likes: 15
OP Online

Joined: Aug 2009
Likes: 15
Originally Posted By: tacit
The fix came from the server end; the Web hosting company had to change the security settings.

I tracked it down when I started seeing a very similar problem on another site I run. The same mysterious 403 Forbidden error was popping up, and the "a-ha" moment came when I noticed that both sites that were experiencing the error had a URL being passed as a parameter to a PHP script. So I went into the Web host's troubleshooting section, and discovered that they block any script that uses a URL as a parameter.

Duuuh... Way to much later I realized that the fix must have come from the hosting company.

Great detective work on your part. (Lucky you had that other site as a reference point.) cool


The new Great Equalizer is the SEND button.

In Memory of Harv: Those who can make you believe absurdities can make you commit atrocities. ~Voltaire

Moderated by  alternaut, cyn, dkmarsh 

Link Copied to Clipboard
Powered by UBB.threads™ PHP Forum Software 7.7.4
(Release build 20200307)
Responsive Width:

PHP: 7.4.33 Page Time: 0.026s Queries: 44 (0.017s) Memory: 0.6444 MB (Peak: 0.7570 MB) Data Comp: Zlib Server Time: 2024-03-28 12:00:25 UTC
Valid HTML 5 and Valid CSS