Come together with the global Drupal community in Rotterdam, 28 Sept – 1 Oct 2026. Sessions, contribution, connection, and Early Bird savings until 8 June.I am not sure whether this is a Support Request or a Bug Report.
I have had a site operating using Securepages and SecurePages Hijack Prevention for some time. Recently my hosting company installed Apache mod_security and problems occurred. The symptoms are
1) All http: pages work normally
2) Many https: pages have formatting issues. E.g. tabs turn into a list of links, some colors change and some text boxes are displayed twice.
3) A few https: pages generate Forbidden page responses.
Unfortunately the Forbidden page response makes it impossible to deactivate SecurePages in the normal manner. The only options are to restore the database from a backup that had SecurePages deactivated (not possible in my case, because I didn't have a backup that old), or to turn off mod_security. Operating without mod_security is my current solution. However it would be nice to be able to use all the security tools available.
Are there settings for mod_security that allow it to coexist with SecurePages? Note that I am also using CleanURLs which may make some solutions more tedious.
And thank you for supporting these great modules!
Comments
Comment #1
astonvictor commentedI'm closing it because the issue was created a long time ago without any further steps.
if you still need it then raise a new one.
thanks