406 Not Acceptable

[jzmwebdevelopment]

I have the following issue with the below page -> has now made account 406

--eec82042-A--
[27/Jul/2011:16:05:44 +1200] KY5J2W9B4z0AAF7NQyEAAAAK 118.92.113.161 49667 111.$
--eec82042-B--
GET /installer/index.php/installer/complete HTTP/1.1
Host: www.domain.co.nz
Connection: keep-alive
Referer: http://www.Domain.co.nz/installer/index.php/installer/step_4
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_6_2) AppleWebKit/534.30 ($
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie:

--eec82042-F--
HTTP/1.1 406 Not Acceptable
Content-Length: 408
Keep-Alive: timeout=5, max=99

[jerel]

Can you give any more information about what Pyro does or doesn't do when you get this error? 406 errors are quite rare and from what I've seen are usually server misconfigurations

[jzmwebdevelopment]

I have tried again but my pyrocms install did not see the stylesheet for the default theme (files are there), I also got a 404 with the page after you click install -> I think this is where you pick where to go?. Strange

[jzmwebdevelopment]

Futher to this issue I have tried again and had the same issue as above, but now I am getting data in the error log:

ModSecurity: Access denied with code 406 (phase 2). Pattern match "\b(?:(?:s(?:ys(?:(?:(?:process|tabl)e|filegroup|object)s|c(?:o(?:nstraint|lumn)s|at)|dba|ibm)|ubstr(?:ing)?)|user_(?:(?:(?:constrain|objec)t|tab(?:column|le)|ind_column|user)s|password|group)|a(?:tt(?:rel|typ)id|ll_objects)|object(?:(?:nam|typ)e|id)| ..." at REQUEST_HEADERS:Cookie. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "88"] [id "959904"] [msg "Blind SQL Injection Attack"] [data "user_password"] [severity "CRITICAL"] [tag "WEB_ATTACK/SQL_INJECTION"] [hostname "www.domain.co.nz"] [uri "/home/domain/public_html/"] [unique_id "-eON6W9B4z0AAG-7R4AAAAAV"]

[philsturgeon]

I'd look for help with mod_security, this does not seem like a pyro fault.

[MyDigitalNeeds]

I've been troubleshooting this problem for installs on a stock WHM/cPanel server running Cent OS 6.2, with LFD and CSF firewall installed. It seems this is the one of the few more known content management systems that cannot be installed on our system.

I find the attitude of Phil Sturgeon on this topic a great example why PyroCMS should NOT be used. I've been forced to write another content management system because they all seem to have some strange problem or design flaw that is grossly overlooked.

For a paid product, this product needs to work in stock environments. If not, then it needs to be known that it cannot run on a server with basic mod_security setup.