I have a .net core web application with signalR elements which works pretty fine locally.
When I publish the application on my host (windows server, plesk, .net framework 4.8), I get an error as follows:
Backend
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using Microsoft.AspNet.SignalR;
public class ChatHub : Hub
{
public void SendAll(string userid, string message)
{
(new Messages()).addMessage(message, DateTime.Now, userid);
string name = (new Users(userid)).getname();
Clients.All.broadcastMessage(name, DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss"), message);
}
}
Header
<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js" type="text/javascript"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/signalr.js/2.4.1/jquery.signalR.min.js"></script>
JS
$.connection.hub.url = "/signalr";
$.connection.hub.start({ transport: 'longPolling' }).done(function() {
console.log("hub connection is made");
}).fail(function() {
console.log("connection to the hub has been failed");
});
2
Answers
The problem is not with your website, but with
Plesksettings Ask the support of the service provider to disableModSecurityin Plesk for your service ,if you have access yourself, you can do as follows :How to disable specific ModSecurity rules in Plesk per domain or server-wide
From comments: "How can I know which security codes should I allow?"
–> When you look into your error_log, you’ll find entries like
The "id" bracket gives you the rule id that you can enter into the exceptions list in your Plesk "Web Application Firewall". In the example above that would be rule no. 33350147.
Don’t allow many exceptions. Most rules make perfect sense. Only add rules to exceptions where you are sure that they are false positives.