I set up a self-hosted Piwigo instance and would like to upload pictures directly from digiKam. It worked for one or two pictures in the beginning but now always fails with this error:
Failed to upload media into remote Piwigo. Error transferring https://photos.luator.de/ws.php - server replied: Forbidden
I checked the server logs and found the following:
When “Resize photos before uploading” is enabled:
ModSecurity: [file “/etc/httpd/conf/modsecurity.d/rules/tortix/modsec/10_asl_rules.conf”] [line “389”] [id “340029”] [rev “37”] [msg “Atomicorp.com WAF Rules: Attack Blocked - command in REQUEST_URI or Argument”] [data "/nc "] [severity “CRITICAL”] Access denied with code 403 (phase 2). Pattern match “(?:;|/|\\| )(?:\\b(?:cat|ls|perl|uname|pwd|cp|tclsh8?|cpp|f(?:etch|tp)|python|chown|rm|ping|rsync|rdiff-backup|scp|(?:w|ftp)get|curl|links|g\\+\\+|ch(?:grp|own)|passwd|r?(?:b|d)ash|t?c?sh|telnet|clang|nc)\\b |\\b(?:sleep|benchmark)\\b \\(? ?[0-9]|power …” at ARGS:data. [hostname “photos.luator.de”] [uri “/ws.php”] [unique_id “ZEFFshFAvrfOIzhECOZbXwAAABc”]
I don’t know anything about ModSecurity but found this description of the error: WAF Rule ID 340362 — Atomicorp Documentation 2020 documentation
Interestingly, if I disable the resizing before upload, I get a different error (something about spam, which doesn’t make sense to me):
2023-04-20 16:13:06 Error 88.130.216.72 [client 88.130.216.72] ModSecurity: [file “/etc/httpd/conf/modsecurity.d/rules/tortix/modsec/30_asl_antispam.conf”] [line “213”] [id “300051”] [rev “9”] [msg “Atomicorp.com WAF AntiSpam Rules: Possible Spam: General”] [data " 732951 found within ARGS:data: gkpwnn8jkuo4tftwvxh+g2b5nmgptu+ljjvjrafisyxhmghy4ywqufbnib2iju2wj27c9sxgegolgcgnc3vpvbomaohifjjmstem97cgmguv5koqiy0ot10wp6amljtj6ws+5xzzhq1+erh4thntabmteeuf0a13h2jdwyc4ybsa8daitfvr8tlk0fmzojurisqmamm//agtwed7jtgfry4q40zdonz46euyxww4odjeub03j9o2k7k0myssz/lulgrttcbh1udrcgrqkhz1bnj5wufjyphsvheznsyp+xaiadwf+ik4yge1pccr1bdlqgykwye0qkia5pi6fzkomomnqotdpen+yjtytvpgxtizwcr8ybhb5op6snk15vrh1nerkfxjjyikbcbwlu1iqgst1iiuwkzrg+5n3kb73spuptxirlws0cw1ikrfhb3kbog2wisdgovl5tbptbgloj5pzliay…“] [severity “WARNING”] Access denied with code 403 (phase 2). Pattern match “(?:magazine[ -.,\"\\'\\|]?(?:finder|netfirms)|rolex[ -.,\”\\'\\|]|z0rder|well-fargo|phvonline|weight-watcher|virility[ -_.,\”\\'\\|]pills|squirrelht|sams-club-online|nexium-online|levaquin-500|golden-coins|gmac-mortgage-corp|enlarge(ment)?pi [hostname “photos.luator.de”] [uri “/ws.php”] [unique_id “ZEFIcBFAvrfOIzhECOZgtAAAADs”]
Any idea what is causing this and if there is a way for me to fix it? I think changing server settings in this regard is not an option for me (it’s just a very simple web hosting package).
I’m using the digiKam 8.0.0 AppImage on Kubuntu 22.04.
I also tried exporting to Piwigo in darktable and there it is working, so it doesn’t seem to be a general problem of the server but rather something about how digiKam is doing it.
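For triaging entries like the two quoted above, here is an added example (not part of the original post, and not digiKam, Piwigo or Atomicorp code). It parses ModSecurity error-log lines and groups the blocking hits by rule ID, URI and inspected variable, so that false positives can be reported to the hosting provider as narrowly scoped exclusions. The sample lines are constructed from the post with payload and regex text elided, the function names are hypothetical, and the output assumes ModSecurity 2.x, where the `SecRuleUpdateTargetById` directive exists.

```python
import re
from collections import Counter

# Constructed sample: the two entries from the post, shortened (payload and
# regex text elided), plus one unrelated Apache line that must be ignored.
SAMPLE_LOG = [
    'ModSecurity: [file "/etc/httpd/conf/modsecurity.d/rules/tortix/modsec/10_asl_rules.conf"] '
    '[line "389"] [id "340029"] [rev "37"] [msg "Atomicorp.com WAF Rules: Attack Blocked - '
    'command in REQUEST_URI or Argument"] [data "/nc "] [severity "CRITICAL"] Access denied '
    'with code 403 (phase 2). Pattern match "<regex elided>" at ARGS:data. '
    '[hostname "photos.luator.de"] [uri "/ws.php"]',
    '[client 88.130.216.72] ModSecurity: [file "/etc/httpd/conf/modsecurity.d/rules/tortix/'
    'modsec/30_asl_antispam.conf"] [line "213"] [id "300051"] [rev "9"] [msg "Atomicorp.com '
    'WAF AntiSpam Rules: Possible Spam: General"] [data " 732951 found within ARGS:data: '
    '<payload elided>"] [severity "WARNING"] Access denied with code 403 (phase 2). '
    'Pattern match "<regex elided>" [hostname "photos.luator.de"] [uri "/ws.php"]',
    '[client 88.130.216.72] File does not exist: /favicon.ico',
]

# Accept straight and curly quotes: logs pasted through a forum often carry the latter.
FIELD = re.compile(r'\[(\w+) ["“”](.*?)["“”]\]')
TARGET = re.compile(r'(?:["“”] at|found within) ([A-Z_]+(?::[\w.-]*\w)?)')
DENIED = re.compile(r'Access denied with code (\d{3}) \(phase (\d)\)')

def parse_entry(line):
    """Return the fields of one ModSecurity error-log entry, or None for other lines."""
    if 'ModSecurity:' not in line:
        return None
    entry = dict(FIELD.findall(line))
    denied, target = DENIED.search(line), TARGET.search(line)
    entry['status'] = int(denied.group(1)) if denied else None
    entry['target'] = target.group(1) if target else None  # falls back to the [data] text
    return entry

def blocked_by_rule(lines):
    """Count 403 hits per (rule id, URI, inspected variable)."""
    hits = Counter()
    for entry in filter(None, map(parse_entry, lines)):
        if entry['status'] == 403:
            hits[(entry.get('id'), entry.get('uri'), entry['target'])] += 1
    return hits

def exclusion_request(hits):
    """One directive per rule; the host should scope each to the URI that was hit."""
    return [f'SecRuleUpdateTargetById {rule} "!{target}"'
            for rule, uri, target in sorted(k for k in hits if all(k))]

if __name__ == '__main__':
    print('\n'.join(exclusion_request(blocked_by_rule(SAMPLE_LOG))))
```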