Web Hosting : Developers not supporting Mod_security

Hostgator and Bluehost are our best webhosts and godaddy.com is the best domain registrar.

This web hosting thread started by Coldkill on 14 November 2008

this is actually my first post in this category as I’m more of a web host now than a programmer.

I’ve just had a client who couldn’t get a gallery script to work (SMF Gallery) because mod_security flagged and wouldn’t allow them to view full sized images. After reading through the developers forums, it would appear they are completely unwilling to adjust their program to be compatible with mod_security and are recommending that people completely disable it through an outdated and exploitable method (.htaccess adjustment).

Now when I used to program PHP, I’ve never experienced any problems, whether in shared or dedicated environments, with mod_security of any version. This begs me to wonder what is in this script that flags mod_sec.

Has anyone else had problems with mod_security in a shared environment? Has your host been able to accommodate you and get your script to work by editing the server? If not, have you been able to modify your script to function correctly?

I’d be interested in knowing how other people have fared with this as it’s taken me and my tech team the better part of 2 days to figure out a feasible solution to this clients problem.

Discuss this at WHT or read more about bluehost and hostgator