Not really sure of the problem but I'll ask anyway

by Eric Hagley -
My host has said there seems to be a problem with my site. The host sent me the following and asked if I knew anything about it. I don't - was wondering if anyone did. I think it is related to php upgrade but am unsure. Anyways, here is what was sent.

HTTP/1.1
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=iso-8859-1
========================================
Request: 59.159.114.214 - - [22/Nov/2005:22:58:46 -0500]
"GET /moodle/filter/mediaplugin/mp3player.swf?src=../../file.php/6/eg%20p%20listening/33%20Track%2033.mp3
HTTP/1.1" 500 0
Handler: server-parsed
Error: File does not exist: /home/efleg/public_html/gakuen/500.shtml
----------------------------------------
GET /moodle/filter/mediaplugin/mp3player.swf?src=../../file.php/6/eg%20p%20listening/33%20Track%2033.mp3
HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
Connection: Keep-Alive
Cookie: MoodleSession=50233cb7b385eee6a5096293367192a1;
MoodleSessionTest=dw4Q2q46CP;
MOODLEID_=%25E4%25CD%2515%251C%25E6%2528%25BB%250F%25FAR%25F8%2527%25B2%2504%258E
Host: gakuen.efleg.org
If-Modified-Since: Tue, 24 May 2005 06:04:05 GMT; length=1452
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR
1.1.4322)
x-flash-version: 7,0,19,0
mod_security-message: Access denied with code 500. Pattern match "\.\./\.\./"
at THE_REQUEST.
mod_security-action: 500

Sorry to bother, but if anyone knows where the problem is, could you please let me know. Kind regards,
Eric Hagley

In reply to Eric Hagley

Re: Not really sure of the problem but I'll ask anyway

by David Scotson -

The problem (translating from the obscure error message: mod_security-message: Access denied with code 500. Pattern match "../../") is that the URL you are accessing to play that mp3 includes the sequence "../../" which means "go down 2 directory levels".

It's sometimes possible for people who are trying to get to places that they shouldn't have access to use this trick to bypass security checks and dig about the file system, so the server is rejecting it on principle (even though in this case it looks totally harmless and proper for it to be looking for that particular file).

It could possibly be considered a bug in the multimedia filter and that it should always use the full URL starting "http://your.moodle.url/blah/blah blah..." but it depends on how that's interacting with the original file link. It probably just uses what's there in the html in Moodle, so if you change the original download link to avoid needing "../../" it should start working, I think.

(There also seems to be a sub-error: the security code is triggering a 500 error, a.k.a. Internal Server Error, but the page it should display in that case, /home/efleg/public_html/gakuen/500.shtml, doesn't exist.)
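As an added illustration of David's point (example code written for this thread, not code from Moodle or from either poster): the rule in the log denies any request line containing "../../", whereas resolving the relative `src` parameter against the directory of `mp3player.swf` shows that the file actually being fetched stays inside the Moodle tree. The web root `/moodle` and the second, constructed request are assumptions.

```python
import posixpath
import re
from urllib.parse import urlsplit, unquote

# Mirror of the pattern in the log: mod_security denied the request because
# the raw request line matched "\.\./\.\./", with no regard for where the
# path actually ends up.
TRAVERSAL_PATTERN = re.compile(r"\.\./\.\./")

def naive_rule_blocks(request_target: str) -> bool:
    """True when the pattern-match rule would deny this request target."""
    return TRAVERSAL_PATTERN.search(unquote(request_target)) is not None

def resolved_src(request_target: str) -> str:
    """Resolve the 'src' query parameter the way the player uses it:
    relative to the directory holding mp3player.swf, with '..' collapsed."""
    parts = urlsplit(request_target)
    src = None
    for pair in parts.query.split("&"):
        key, _, value = pair.partition("=")
        if key == "src":
            src = unquote(value)
    if src is None:
        raise ValueError("request has no src parameter")
    base_dir = posixpath.dirname(parts.path)
    return posixpath.normpath(posixpath.join(base_dir, src))

def escapes_root(request_target: str, web_root: str = "/moodle") -> bool:
    """True only if the resolved target leaves the application's web root
    (web_root="/moodle" is an assumption about this server's layout)."""
    target = resolved_src(request_target)
    return not (target == web_root or target.startswith(web_root + "/"))

# The request from the log above: the player asks for a file two levels up,
# which resolves to /moodle/file.php/... and never leaves the Moodle tree.
LOGGED_REQUEST = ("/moodle/filter/mediaplugin/mp3player.swf"
                  "?src=../../file.php/6/eg%20p%20listening/33%20Track%2033.mp3")

# Constructed counter-example (hypothetical path) that really does climb out.
CONSTRUCTED_ESCAPE = ("/moodle/filter/mediaplugin/mp3player.swf"
                      "?src=../../../../outside/readme.txt")

if __name__ == "__main__":
    for label, req in (("logged", LOGGED_REQUEST), ("constructed", CONSTRUCTED_ESCAPE)):
        print(label, "rule blocks:", naive_rule_blocks(req),
              "resolves to:", resolved_src(req),
              "escapes root:", escapes_root(req))
```

The logged request is blocked by the pattern but resolves inside `/moodle`, which is exactly the false positive David describes; the constructed one is blocked for a good reason.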