Text class thumbnail not accessible

altny

Still working on implementing Zenphoto for the first time. Something that's been an issue for my site since the beginning is that the thumbnail for text objects just don't show up. I'm getting a 403 error when I try to access the image directly. I've played around with permissions, and setting the symlink in the cache and the actual image itself to 777 doesn't seem to help.

You can see it here:

http://staging.altny.com/poba/Poetry/

The theming is only partially done, so it doesn't look right, but you can see the issue with the thumbnail. As an fyi, even if I'm using the included ZenPage theme, I have the same problem. Any ideas on where to look to troubleshoot?

acrylian

Is that the default image? I have the same issue on my live test site, too. Sadly no idea why. The workaround actually would be to create custom thumbs.

sbillard

Check your file permissions on the cache folder(s). WEB browsers (e.g. the public) must be able to access the files in the folder.

acrylian

Regarding my server: It is not the cache folder as otherwise other images would not work, too.

I have the suspicion that my server somehow does not like the url the default images is called with:
`/zp-core/i.php?a=Test&i=_%7Bzp-core%7D_%7Bzp-extensions_-_class-video%7D_mp4Default.png&w=95&h=95&cw=95&ch=95&t=1&wmk=!&check=27bde58ee25260ceede27a4a68cc6b6559b64618`.
Is that meant to look encoded like that? As mentioned on my live server the default thumbs never worked.

sbillard

That is indeed the encoding for the default MP4 default image. I do not see how your server could block that particular link, thought. The form is pretty much the same as for any un-cached image. Maybe your browser is not fetching the link? You should look in the Apache access logs to see if there is a "Get" for it.

acrylian

A look in the error log told what it is is: Once again modsecurity. (the browser tells me the server responded with 404 therefore). So since I will not be able to talk my host into disabling that, my only way around is creating custom video etc thumbs.

sbillard

Maybe you can ask what triggers the security block. It would be possible to change (somewhat) the link text to these items, but of course we would need to know what is forbidden.

acrylian

Maybe the error message does already tell? I sent it via mail as it contains some keywords that would probably not be a good idea to post here..;-)

altny

Getting around it in a systemic way would be preferable for me. We will probably have users in the future who are uploading text without knowing how to create custom thumbnails,

Thank you for looking into it!

acrylian

Yes, although creating custom thumbs for videos (and other "non" images) is not that hard actually:
http://www.zenphoto.org/news/why-does-zenphoto-not-show-a-thumbnail-from-my-video-

sbillard

The error may tell, it is a regular expression match apparently looking for phonograph or SPAM. I will have to analyze it, though, to understand what it is catching in our links.

sbillard

Unfortunately, the regular expression is not completely shown. What is shown would not catch our URIs. Also amusing is apparently this is a "P***" preventer, but only if you are looking for P*** in English.

Seems like a pretty silly rule in the first place. It will catch only a handful of P*** URIs. This is the problem with most over zealous "security" patches. They tend not to accomplish their goals in the first place and then suffer from false positives that prevent legitimate content from working.

acrylian

I will contact my host and point them to this topic.

Btw, I have "censored" your post a bit for SEO's sake.

acrylian

My host didn't give me further info about the rule but they deactivated it for my account. So for me at least all works again but I cannot test the recent change anymore to have any impact..

sbillard

Well, I suppose it is good that they are not running the rule for you. But too bad on the other account. I guess anyone having this issue should just contact their hoster.

acrylian

Maybe it is just a basic issue with "general rules" that they are general...

altny

acrylian - I think I missed something. Which rule should I ask my host to deactivate?

Thank you for looking into it.

acrylian

You need to ask your host about server security measures active like modsecurity. That is or are extensions to the server. On my host they deactivated a rule that triggered here.

But of course it might be something different on your host.