MyBB Community Forums

Yes, another thread about this. I have searched and found many threads with this topic, which tells me it is a widespread problem, but none detailing a fix.

My board's members and I have been getting 403 errors at times, but only at times. I have even experienced trying to post a new topic and getting the error continuously, but if I press back and just try to post "test", it will work (and then if I go back and try to post a new topic with the original text, it will 403 me again...).

I've renamed htaccess.txt to .htaccess (without modifying it). However, I can't do anything further with it because when I renamed it, it disappeared both from my FTP program AND from the file manager on the cPanel of my host (which is paid...so one would think it wouldn't be the cause of something like this). Dunno if that's supposed to happen...

I read something about how some hosts override MyBB's error messages with their own 403 page. If this is the case, how can I get MyBB to give me ITS error message (so I can see what's wrong) instead of just the generic 403?

Thanks!!!

You'd have to ask your host, MyBB by itself wouldn't cause 403s.

Thanks, but i wouldn't know what to tell them. I can't just say I got a 403 error...they wouldn't know what to help me with.

....or would they?

If they don't, they're incompetent. :V

It's not an issue with MyBB, but your web provider.
Just tell them that you're experiencing 403 errors and it's not your fault.

Okay, thanks. I will try opening another ticket with them.

Unfortunately they've only seemed to have marginal competence when it has come to various other things I've needed to contact them for so...we shall see.

I will post again here if they reply with something stupid, or if they mention something like it must be the software's fault etc.

EDIT: I mentioned in my post about how MyBB's knowledge-base says that mod_security should be turned off. He asked me to confirm that I need mod_security turned off. Is this the right thing to do? Also, what are the downsides to this?

Are you using MyBB 1.6x? It should be mod_security compatible more so than 1.4x.

And what's your site URL? Curious what your posting that's being flagged by mod_sec. Normal posts should not trigger a regular ruleset. But if you're running say a coding forum then you might have these problems.

I am presumably using the latest version, as I just downloaded the package yesterday.

I went ahead and had them turn mod_security off. Sure enough, things that people couldn't post before (due to 403) are now post-able. So it must have been the problem.

I don't know the specific content of the posts people have been trying to make, but one of the ones I had tried to post that gave me 403 didn't have anything strange in it--it was just a list of various "X or Y" questions (e.g., "1) X or Y? \n 2) W or V?" etc.), intended to be a fun topic to fill up the board with more posts. Guess it was just some combination of MyBB and the particular host.

At any rate, our board URL is http://www.mmbnchronox.com/forum/ in case you still are curious enough to check it out.

Looks like a normal site and imho they probably have their mod_sec rules too tight if you average post is having a problem. It's not unheard of that a host screws up the module.

If each host can have their own mod_sec rules, then I gotta say that what you said labrocca is probably the answer.

Thanks to everyone who posted. Much appreciated. We haven't had any 403 problems since the host turned off mod_sec.