Apsona ShopAdmin - a free tool for import/mass update/reporting

[apsona]

Its great that apsona supports wholesale pricing, but is there a way to disable the currensy check it does?? becouse i use the duelprice module and would like to add the whole sale price in format 0.00-0.00-0.00 but apsona does not allow me to

Thank you

Hello,

This would have to be customized for your cart, because not all users would want it this way. Please get in touch with us via e-mail at support (at) apsona.com, and we'll accommodate this.

Regards.

[apsona]

Hi, my host has done further digging and discovered why Apsona suddenly stopped working on my site. They said it was due to;

"ModSecurity: Rule execution error - PCRE limits exceeded (-8): (null). ??"

They have said that “recursion limits are imposed to avoid killing the server when you have deeply recursive patterns. Also it is not possible to change these limits” and the better work-around is to revise my scripts rather than disable this rule.

They can and will disable ModSecurity, but they strongly advised me against requesting this for security reasons.

Unfortunately this is over my head. Can you advise? As security is of my highest importance to me and I would be unhappy going against my host's advice.

Thanks
Lisa

This issue seems specific to your hosting service - we have not had similar reports from any of our other users. Searching through the web, one recommended solution seems to be to add the following into your Apache configuration file:

SecPcreMatchLimit 150000
SecPcreMatchLimitRecursion 150000

It's possible that you can do this yourself, via your hosting control panel. If not, you'll have to ask your hosting company to add these lines for you.

I hope this helps.

Regards.

[harlyman]

Hello,

This would have to be customized for your cart, because not all users would want it this way. Please get in touch with us via e-mail at support (at) apsona.com, and we'll accommodate this.

Regards.

Mail sent:)

[harlyman]

Hello,

This would have to be customized for your cart, because not all users would want it this way. Please get in touch with us via e-mail at support (at) apsona.com, and we'll accommodate this.

Regards.

Did you get my mail about this??

[apsona]

Did you get my mail about this??

Nope, just checked again. We don't have an email address for you, either. Can you please send us an email to support at apsona.com, or perhaps use the contact us form on our website?

Thanks.

[harlyman]

Nope, just checked again. We don't have an email address for you, either. Can you please send us an email to support at apsona.com, or perhaps use the contact us form on our website?

Thanks.

sent from your website now.

[Simmons]

Hi, I emailed Apsona support last week but I have not had a reply. I showed my host your info.

“SecPcreMatchLimit 150000
SecPcreMatchLimitRecursion 150000"

They have responded with

“Relaxing mod_security for 1 site or script defeats the point of it protecting the server. It only takes 1 addon/script/site with a relaxed mod_security to be exploited and it can potentially ruin the day for everyone else who was happy to work with mod_security.

We have also consulted widely with Zen Cart professionals and they all advise that this problem is unique to the way in which this particular add-on has been coded. They all advise against relaxing security simply in order to allow this add-on to operate. We also feel that relaxing security would undermine the efforts of the Zen Cart Team to keep their software secure.

We are very sorry, but we are unable to support your request and refer you back to our original advice of revising the code."

Any more ideas?
Thanks
Lisa

[apsona]

Hi Lisa,

This is the first such issue we've heard of with mod_security from among all the thirty or so hosting companies that have deployed and used ShopAdmin, so I'm tempted to ask what is special about this particular hosting company's configuration that causes this problem. I'd love to hear the inputs from other folks on this forum - particularly the hosting companies - on this issue.

In any case, it would be great if your hosting company can furnish us technical details about exactly what kinds of behavior causes the security error. This would help us isolate the issue and look into what it would take to recode the script. From what I'm seeing, the error is triggered by your hosting company every time an insert SQL statement is executed from the script, and that seems to be too severe a restriction.

Hope this helps.

[[email protected]]

i really like the mod it looks great the support sounds amazing but what apsona getting out of all this ? no one would design and support such a thing at such a high level for free, please inlight...... it all looks to good to be true

[DivaVocals]

i really like the mod it looks great the support sounds amazing but what apsona getting out of all this ? no one would design and support such a thing at such a high level for free, please inlight...... it all looks to good to be true

I suppose they are getting the same thing everybody else writing, updating, and supporting these free add-ons gets.. NOT A DARN THING!!! That's kinda how open source works..

Apsona is not the only one who provides a world class product for Zen Cart and EXCELLENT support for NOT ONE THIN DIME.. I can name a TON of examples of other such mod contributors.. (Conor of Ceon URI fame comes STRAIGHT to the top of my head.. but there are many many others as well..)