lavalamp213 wrote: ↑Thu May 30, 2019 4:06 pm
I have a member (Zeri) that I use for testing purposes. I just made Zeri an admin. Then I logged out as myself, and logged in as Zeri. Zeri does not get the error messages when performing this function that I am getting when I am logged in as myself.
The mod_security issue can be triggering based on something that is currently in the profile, and wasn't an issue when originally submitted, but is an issue
now with the mod_security settings that are in place
now.
For example, one such case was simply because "http://" appeared in the prefix of one of the values in the profile, which is "exactly what is supposed to be there" from a phpBB perspective (e.g. for a web site field in your profile), but mod_security was set to not allow for this. You said you were trying to
add a web site address when you encountered the issue, but is there maybe already a web site address (or some other kind of unique information) already saved in your profile currently which mod_security is reacting to "even when you're just re-submitting the same information that is already currently saved there."
Which is to say you may need to replicate some of the "personal" information from your profile into the test account profile, in order to see the same results. The issue may not be with "any attempt to update the profile", but more specifically "an attempt to update the profile when it contains specifically the information your profile currently contains."
As such it may not even require an admin account to actually replicate the issue, but maybe they're requesting the admin access for a different reason.