dnunez24/craft-nexcess.txt

## craft-nexcess.txt
leevigraham [5:28 PM]
Anyone had issues with mod_security and craft?

[5:29]
occasional 500 error when submitting content in admin

mildlygeeky
[5:52 PM]
@leevigraham lots of Matrix or Neo fields? (edited)

leevigraham [6:14 PM]
Matrix fields

[6:15]
I wouldn’t say lots in a single entry

[6:15]
classic, body content matrix setup (edited)

benf [6:34 PM]
@leevigraham I used to have so many issues with mod_security that I always have it disabled for Craft sites now

leevigraham [6:35 PM]
@benf Nexcess refuse to disable it on their craft box installs

benf [6:35 PM]
Ah, that’s a problem... you can’t chuck in a .htaccess file and disable it there?

leevigraham [6:36 PM]
not sure… good idea tho

benf [6:36 PM]
```<IfModule mod_security.c>
    SecFilterEngine Off
    SecFilterScanPOST Off
</IfModule>```
I have that in my public directory htaccess


[6:36]
I guess you could try it

khalwat
[6:47 PM]
What is Nexcess?

leevigraham [6:48 PM]
nexcess.net.au

[6:48]
host

khalwat
[6:50 PM]
I haven’t had my morning coffee yet, so I’ll spare everyone my boutique hosting rant :slightly_smiling_face:


[6:51]
But yeah peculiarities like this you just have to deal with if you use such hosting

jmcgaha [7:12 PM]
@leevigraham I’ve recently had a lot of discussions with Nexcess over mod_security. After much prodding they finally agreed to whitelist the entire craft admin url. That worked great until I realized it affected live preview since the preview of the page is not a url inside of the admin folder. After even more prodding we finally got them to disable it for the entire site as they admitted it probably wouldn’t do much for Craft sites anyway. Let me know if I can help in anyway.


leevigraham [7:13 PM]
“prodding”… already started emails back and forth

[7:13]
We have a few sites on forge + vultr.com.au (aussie digital ocean) which I prefer.
khalwat
But yeah peculiarities like this you just have to deal with if you use such hosting
Posted in #generalToday at 6:51 PM

khalwat
[7:24 PM]
@jmcgaha You could always switch, no?

[7:24]
@leevigraham yeah I realize there’s work involved in moving sites, which clients often won’t pay for

new messages
jmcgaha [7:27 PM]
I was new to the project and it was a long battle before my time to get them on Nexcess. The client basically just wanted them to properly support Craft when they claim to be a premier Craft host, which is a completely valid point. Nexcess even claimed they were going to drop mod_security for all future Craft hosting, but it would take them a while to implement everywhere (not sure if they were serious or if it was just to try and make us happy)

leevigraham [7:28 PM]
Nexcess have been great in regards to customer service

[7:29]
Moving isn’t really the cost. I find the cost to the client is when I have to spend hours trying to debug something on the server (and charging the client) vs just sending a support request

khalwat
[7:33 PM]
I find the opposite @leevigraham where I have to spend hours debugging some custom setup, or configuration that I have no power to change (like `mod_security`) whereas with Forge, it’s a very deterministic, standardized setup that I have control over

leevigraham [7:34 PM]
^ true

khalwat
[7:34 PM]
I haven’t had a single issue that’s taken me time to debug when using Laravel Forge, it’s pretty pre-fab, and “just works”
	leevigraham [5:28 PM]
	Anyone had issues with mod_security and craft?

	[5:29]
	occasional 500 error when submitting content in admin

	mildlygeeky
	[5:52 PM]
	@leevigraham lots of Matrix or Neo fields? (edited)

	leevigraham [6:14 PM]
	Matrix fields

	[6:15]
	I wouldn’t say lots in a single entry

	[6:15]
	classic, body content matrix setup (edited)

	benf [6:34 PM]
	@leevigraham I used to have so many issues with mod_security that I always have it disabled for Craft sites now

	leevigraham [6:35 PM]
	@benf Nexcess refuse to disable it on their craft box installs

	benf [6:35 PM]
	Ah, that’s a problem... you can’t chuck in a .htaccess file and disable it there?

	leevigraham [6:36 PM]
	not sure… good idea tho

	benf [6:36 PM]
	```<IfModule mod_security.c>
	SecFilterEngine Off
	SecFilterScanPOST Off
	</IfModule>```
	I have that in my public directory htaccess


	[6:36]
	I guess you could try it

	khalwat
	[6:47 PM]
	What is Nexcess?

	leevigraham [6:48 PM]
	nexcess.net.au

	[6:48]
	host

	khalwat
	[6:50 PM]
	I haven’t had my morning coffee yet, so I’ll spare everyone my boutique hosting rant :slightly_smiling_face:


	[6:51]
	But yeah peculiarities like this you just have to deal with if you use such hosting

	jmcgaha [7:12 PM]
	@leevigraham I’ve recently had a lot of discussions with Nexcess over mod_security. After much prodding they finally agreed to whitelist the entire craft admin url. That worked great until I realized it affected live preview since the preview of the page is not a url inside of the admin folder. After even more prodding we finally got them to disable it for the entire site as they admitted it probably wouldn’t do much for Craft sites anyway. Let me know if I can help in anyway.


	leevigraham [7:13 PM]
	“prodding”… already started emails back and forth

	[7:13]
	We have a few sites on forge + vultr.com.au (aussie digital ocean) which I prefer.
	khalwat
	But yeah peculiarities like this you just have to deal with if you use such hosting
	Posted in #generalToday at 6:51 PM

	khalwat
	[7:24 PM]
	@jmcgaha You could always switch, no?

	[7:24]
	@leevigraham yeah I realize there’s work involved in moving sites, which clients often won’t pay for

	new messages
	jmcgaha [7:27 PM]
	I was new to the project and it was a long battle before my time to get them on Nexcess. The client basically just wanted them to properly support Craft when they claim to be a premier Craft host, which is a completely valid point. Nexcess even claimed they were going to drop mod_security for all future Craft hosting, but it would take them a while to implement everywhere (not sure if they were serious or if it was just to try and make us happy)

	leevigraham [7:28 PM]
	Nexcess have been great in regards to customer service

	[7:29]
	Moving isn’t really the cost. I find the cost to the client is when I have to spend hours trying to debug something on the server (and charging the client) vs just sending a support request

	khalwat
	[7:33 PM]
	I find the opposite @leevigraham where I have to spend hours debugging some custom setup, or configuration that I have no power to change (like `mod_security`) whereas with Forge, it’s a very deterministic, standardized setup that I have control over

	leevigraham [7:34 PM]
	^ true

	khalwat
	[7:34 PM]
	I haven’t had a single issue that’s taken me time to debug when using Laravel Forge, it’s pretty pre-fab, and “just works”