Tweet
I am new to EspoCRM, and am in the process of trying to import a small database created in Excel.
Whenever I attempt to do so, after the mapping fields stage when I click 'Run Import', the result is 'Error 406'.
My shared Cpanel host error log has no entries corresponding to this, and neither does the EspoCRM log in the Data folder, however my browser console shows two errors were encountered:
and
Looking at the last line of the second error, I saw a reference to mod security.
Disabling this on my host allowed the import to proceed (after also purging Cloudflare caches & switching to development mode - not sure why this was required since Cloudflare is not meant to be caching the subdomain EspoCRM is installed on, and is supposedly just handling DNS).
The import did not produce quite the desired result, but that is another issue (problems within the source csv file no doubt).
The main issue right now is that I understand it is considered risky to turn mod security off - and this is certainly not a very elegant process to have to repeat every time I want to try a new import.
What is required to get EspoCRM to coexist with mod security?
Whenever I attempt to do so, after the mapping fields stage when I click 'Run Import', the result is 'Error 406'.
My shared Cpanel host error log has no entries corresponding to this, and neither does the EspoCRM log in the Data folder, however my browser console shows two errors were encountered:
HTML Code:
Failed to load resource: the server responded with a status of 406 ()
HTML Code:
Uncaught (in promise)
w
errorIsHandled
:
false
onabort
:
null
onerror
:
()=>s()
onload
:
()=> {…}
onloadend
:
null
onloadstart
:
null
onprogress
:
null
onreadystatechange
:
null
ontimeout
:
()=>s(!0)
readyState
:
4
response
:
"<html><head><title>Error 406 - Not Acceptable</title><head><body><h1>Error 406 - Not Acceptable</h1><p>Generally a 406 error is caused because a request has been blocked by Mod Security. If you believe that your request has been blocked by mistake please contact the web site owner.</p></body></html>
Disabling this on my host allowed the import to proceed (after also purging Cloudflare caches & switching to development mode - not sure why this was required since Cloudflare is not meant to be caching the subdomain EspoCRM is installed on, and is supposedly just handling DNS).
The import did not produce quite the desired result, but that is another issue (problems within the source csv file no doubt).
The main issue right now is that I understand it is considered risky to turn mod security off - and this is certainly not a very elegant process to have to repeat every time I want to try a new import.
What is required to get EspoCRM to coexist with mod security?