Last updated September 14, 2009. Created by Heine on September 13, 2009.
Edited by Thomas Ash. Log in to edit this page.
When the user returns from the OpenID provider, a 404 Page not found error is shown.
This behaviour is most likely caused by the Apache module mod_security. This module disallows access to URLs with http://, https:// or ftp:// in the query string.
A quick test is to access your site via the URLs
http://example.com/?q=node&test=abcd
http://example.com/?q=node&test=http://If the first URL works, but the second displays a "Page not found" error, mod_security is the likely cause.
For the mod_security core rules set 2.0.2, it is likely one of the anti-remote file inclusion (RFI) rules in base_rules/modsecurity_crs_40_generic_attacks.conf. Rules 1234234 and 340153 are sometimes to blame.
Ask your host to disable the offending rule.