I've had no problems with this before but all of a sudden it says I don't have permission to edit the templates.
I can get into the template and edit it, but when I press either of these buttons I am taken straight to an error 403.
![[Image: 6nRu4l2.png]](https://camo.mybb.com/d49b836a33f30f026dfefc955d19a8e2d01bd656/687474703a2f2f692e696d6775722e636f6d2f366e5275346c322e706e67)
![[Image: pqymqZA.png]](https://camo.mybb.com/5c03bee92674524f9d360cb73877e91f743e2c2a/687474703a2f2f692e696d6775722e636f6d2f7071796d715a412e706e67)
Need help asap, thank you.
Sounds like your server may have mod_security enabled which may be causing this problem.
After many years of being with this host without any problems at all, why do you think they've enabled mob_security now. Kinda annoying.
Do you have the .htaccess file on?
I had this problem once when coding a MyBB site for someone. I'm not sure why but after I change htacces to .htaccess it fixed it lol
(2017-02-13, 05:55 PM)Citrus Wrote: [ -> ]After many years of being with this host without any problems at all, why do you think they've enabled mob_security now. Kinda annoying.
It may not be the cause, but that's been the cause when I've seen this kind of issue before.
As to why they might have enabled it, it's hard to say.
(2017-02-13, 06:31 PM)Nicole-Studios Wrote: [ -> ]Do you have the .htaccess file on?
I had this problem once when coding a MyBB site for someone. I'm not sure why but after I change htacces to .htaccess it fixed it lol
I only have a .htaccess in my admin backups directory, no where else.
Although in the main forum directory I've got these -
![[Image: eJSEdgJ.png]](https://camo.mybb.com/83a92933ec5734032f0a7047ebf2e0596386a094/687474703a2f2f692e696d6775722e636f6d2f654a534564674a2e706e67)
Use a .htaccess file to disable ModSecurity. Or better yet upgrade to a VPS and setup your own hosting environment. It's fun and you learn a lot
(2017-02-13, 07:50 PM)Lunorian Wrote: [ -> ]Use a .htaccess file to disable ModSecurity. Or better yet upgrade to a VPS and setup your own hosting environment. It's fun and you learn a lot
I have no idea what to put in the htaccess nor where to put it.
EDIT: I changed the htaccess.txt to .htaccess but I am still getting no permission when I go to edit templates.
htaccess -
Options -MultiViews +FollowSymlinks -Indexes
#
# If mod_security is enabled, attempt to disable it.
# - Note, this will work on the majority of hosts but on
# MediaTemple, it is known to cause random Internal Server
# errors. For MediaTemple, please remove the block below
#
<IfModule mod_security.c>
# Turn off mod_security filtering.
SecFilterEngine Off
# The below probably isn't needed, but better safe than sorry.
SecFilterScanPOST Off
</IfModule>
#
# MyBB "search engine friendly" URL rewrites
# - Note, for these to work with MyBB please make sure you have
# the setting enabled in the Admin CP and you have this file
# named .htaccess
#
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteRule ^forum-([0-9]+)\.html$ forumdisplay.php?fid=$1 [L,QSA]
RewriteRule ^forum-([0-9]+)-page-([0-9]+)\.html$ forumdisplay.php?fid=$1&page=$2 [L,QSA]
RewriteRule ^thread-([0-9]+)\.html$ showthread.php?tid=$1 [L,QSA]
RewriteRule ^thread-([0-9]+)-page-([0-9]+)\.html$ showthread.php?tid=$1&page=$2 [L,QSA]
RewriteRule ^thread-([0-9]+)-lastpost\.html$ showthread.php?tid=$1&action=lastpost [L,QSA]
RewriteRule ^thread-([0-9]+)-nextnewest\.html$ showthread.php?tid=$1&action=nextnewest [L,QSA]
RewriteRule ^thread-([0-9]+)-nextoldest\.html$ showthread.php?tid=$1&action=nextoldest [L,QSA]
RewriteRule ^thread-([0-9]+)-newpost\.html$ showthread.php?tid=$1&action=newpost [L,QSA]
RewriteRule ^thread-([0-9]+)-post-([0-9]+)\.html$ showthread.php?tid=$1&pid=$2 [L,QSA]
RewriteRule ^post-([0-9]+)\.html$ showthread.php?pid=$1 [L,QSA]
RewriteRule ^announcement-([0-9]+)\.html$ announcements.php?aid=$1 [L,QSA]
RewriteRule ^user-([0-9]+)\.html$ member.php?action=profile&uid=$1 [L,QSA]
RewriteRule ^calendar-([0-9]+)\.html$ calendar.php?calendar=$1 [L,QSA]
RewriteRule ^calendar-([0-9]+)-year-([0-9]+)-month-([0-9]+)\.html$ calendar.php?calendar=$1&year=$2&month=$3 [L,QSA]
RewriteRule ^calendar-([0-9]+)-year-([0-9]+)-month-([0-9]+)-day-([0-9]+)\.html$ calendar.php?action=dayview&calendar=$1&year=$2&month=$3&day=$4 [L,QSA]
RewriteRule ^calendar-([0-9]+)-week-(n?[0-9]+)\.html$ calendar.php?action=weekview&calendar=$1&week=$2 [L,QSA]
RewriteRule ^event-([0-9]+)\.html$ calendar.php?action=event&eid=$1 [L,QSA]
<IfModule mod_env.c>
SetEnv SEO_SUPPORT 1
</IfModule>
</IfModule>
#
# If Apache is compiled with built in mod_deflade/GZIP support
# then GZIP Javascript, CSS, HTML and XML so they're sent to
# the client faster.
#
<IfModule mod_deflate.c>
AddOutputFilterByType DEFLATE text/css text/html application/xhtml+xml text/xml application/xml text/plain text/x-component application/javascript application/x-javascript application/rss+xml application/atom+xml application/json application/manifest+json application/x-web-app-manifest+json application/vnd.ms-fontobject application/font-sfnt application/font-woff application/font-woff2 image/svg+xml image/x-icon
</IfModule>
# Note: You are able to choose a different name in the Admin CP. If you've done that you need to change it here too
<Files "error.log">
Order Deny,Allow
Deny from all
</Files>
Man I need to sort this asap, being unable to modify templates on MY OWN FORUM is bloody annoying.
I would definitely advise contacting your host and asking them to disable "mod_security" if it is enabled.
If the htaccess file isn't helping, I would agree with Euan, ask your host.