Mint Forum

Mint refuses to track pages with titles with codes like &-#-8-2-1-7-;-s

JCFP
Minted
Posted on Apr 23, '08 at 09:58 am

by accident, i discovered that mint refuses to track pages (most notably with the secret crushes and referrers peppers, and maybe main mint as well) that contain codes in the title, such as &-#-8-2-1-7-;-s (i hyphenated the code for clarity), that are used to denote contractions or punctuation like apostrophes and quotation marks. because my site has many many pages that include these codes in the title, Mint is giving me stats that are much lower than the stats from awstats using the server log.

can someone verify this?

Shaun Inman
Mint/Pepper Developer
Posted on Apr 23, '08 at 10:12 am

Your Mint is running in Paranoid mode so I can’t troubleshoot this. However, this is a known issue caused by an overzealous mod_security rule. (Mint isn’t refusing to track the page, mod_security is refusing to let Mint track the page.) In which case you should disable mod_security for your Mint directory.

JCFP
Minted
Posted on Apr 23, '08 at 12:03 pm

ok, shaun, i am trying this out…

if this is the cause, which of the stats will be under-reported? everything (including the # of unique IP and total visits)? or is it just secret crush and referrers peppers that are affected?

lastly, since i have been using Mint since 1.0+ and now just discovered this issue, are you implying that all my stats are incorrect (for everything i collected with v1 and v2.0, v2.1)?

JCFP
Minted
Posted on Apr 23, '08 at 12:16 pm

also, shaun,

can you explain why these HTML codes &-#-8-2-1-7-;-s are considered a security risk so that mod_security is interfering with Mint operation?

Shaun Inman
Mint/Pepper Developer
Posted on Apr 25, '08 at 02:29 pm

if this is the cause, which of the stats will be under-reported?

It’s not a question of under-reported, if mod_security prevents the server from responding to a request then nothing can be recorded for those urls.

can you explain why these HTML codes are considered security risk?

I can’t. I don’t think they are a security issue as much as they are a potential flag for comment and referrer spam (neither of which would affect Mint). I’ve tried contacting the maintainers of mod_security to get to the root of the issue but I received no reply.

JCFP
Minted
Posted on Apr 25, '08 at 02:44 pm

shaun,

to which version of mint does this mod_security issue apply? 1.x, 2.13, 2.14, 2.15?

i have changed the mod_security, and i am now seeing a jump in the stats, so i do believe this was part of the problem.

Shaun Inman
Mint/Pepper Developer
Posted on Jun 09, '08 at 08:52 am

Because this is a mod_security issue it applies to all versions of Mint.

I have a similar and possibly related problem, in that Mint successfully tracks pages with special characters, but strips out the offending character when reporting the data.

I use a forward slash “/” as my page and section delimiter and use a plus symbol “+” in between page titles or phrases. The slashes get recorded correctly, but all of the plus symbols get stripped out.

Consider the following page title: Packages + Prices / Site Name, which when recorded and displayed by Mint would end up being Packages Prices / Site Name (notice the missing + symbol).

Is there an overzealous regular expression in Mint or something I can put into Apache’s .htaccess to properly report the page titles with the plus symbols?

A copy of my .htaccess file in Mint’s directory is below:

# Disables mod_rewrite
RewriteEngine Off

# Disables Aggressive mod_security Settings
<IfModule mod_security.c>
    SecFilterEngine Off
    SecFilterScanPOST Off
    SecFilterCheckURLEncoding Off
</IfModule>

I’m running Mint 2.17 with PHP 5.2.6 on a Media Temple (dv) 3.0 server and have mod_rewrite and mod_security.c disabled via .htaccess in the Mint directory.

Any help, insight or clarification is greatly appreciated. Thanks!

Shaun Inman
Mint/Pepper Developer
Posted on Jul 24, '09 at 12:50 pm

+ is url encoding for a space (an alternative to %20). It should be properly encoded when sent to Mint. Which domain are you seeing this problem on? mz.com, mwf.com, as.com or fgr.com?

[A plus sign] is url encoding for a space (an alternative to %20). It should be properly encoded when sent to Mint.

Ah ha — you’re absolutely right!

I never gave any thought that a plus sign (+), when url encoded, is considered equivalent to a space (%20).

Which domain are you seeing this problem on? mz.com, mwf.com as.com or fgr.com?

The domain I’m having problems with is as.com.

Let me know if you need anything else from me to help determine the problem. Thanks!

Shaun Inman
Mint/Pepper Developer
Posted on Jul 28, '09 at 10:03 am

I figured it out, the JavaScript escape() function is used to encode the title for transmission via a query string during record. Changing that to encodeURIComponent() properly encodes the +. I’m hesitant to push this change out immediately as an update since it may have undesirable effects on other entities. You can change the code yourself in /pepper/shauninman/default/script.js if you can’t wait for the official, tested release.
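The escape() versus encodeURIComponent() difference described in the post above, as an added example that is not part of the original thread and is not Mint's code. The helper names and the second sample title are constructed, and the receiving side is modelled with URLSearchParams, which decodes a form-encoded query string (where "+" means space).

```javascript
// Added example: sendAndDecode/compare are hypothetical helpers, titles are constructed.
// The receiving server is modelled with URLSearchParams (form-urlencoded decoding).

function sendAndDecode(encoder, title) {
  // What a tracking script would put on the wire.
  const query = "title=" + encoder(title);
  // What a form-urlencoded decoder recovers from it.
  const received = new URLSearchParams(query).get("title");
  return { query, received, intact: received === title };
}

const titles = [
  "Packages + Prices / Site Name", // the title quoted in the thread
  "It\u2019s a title",             // constructed: U+2019, i.e. &#8217;
];

function compare() {
  return titles.map((title) => ({
    title,
    // escape() leaves "+" and "/" untouched and emits the
    // non-standard %uXXXX form for characters above U+00FF.
    legacy: sendAndDecode(escape, title),
    // encodeURIComponent() emits %2B, %2F and UTF-8 percent bytes.
    fixed: sendAndDecode(encodeURIComponent, title),
  }));
}

for (const row of compare()) {
  console.log(JSON.stringify(row.title));
  for (const name of ["legacy", "fixed"]) {
    const r = row[name];
    console.log(`  ${name.padEnd(6)} ${r.query}`);
    console.log(`         decoded: ${JSON.stringify(r.received)} intact=${r.intact}`);
  }
}
```

With escape() the "+" arrives as a space and U+2019 arrives as the literal text %u2019, so any server-side decoder has to agree with whichever encoder the script uses.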

I’m hesitant to push this change out immediately as an update […] you can change the code yourself in /pepper/shauninman/default/script.js if you can’t wait for the official, tested release.

I’ve tested the code changes you recommend and can confirm that it works on my test cases — the plus signs (+) are being properly recorded in Mint.

Hopefully this change will make its way into the next update.

You’re the best. Thanks!
