[split] 403 forbidden Error - Printable Version +- MyBB Community Forums (https://community.mybb.com) +-- Forum: 1.8 Support (https://community.mybb.com/forum-175.html) +--- Forum: General Support (https://community.mybb.com/forum-176.html) +--- Thread: [split] 403 forbidden Error (/thread-210410.html) |
[split] 403 forbidden Error - Avro - 2017-05-13 Quote:Whenever any user attempts to add an apostrophe (') or quotation mark (") to their signature it bounces back this error message and links to mydomain/usercp.php I'm sorry to necropost this thread, but I am having the same issue at my forum and, as far as I could figure out, mod_security is disabled and therefore not a problem. Therefore, what to do? RE: [split] 403 forbidden Error - .m. - 2017-05-14 can we have your forum url & a test user account RE: [split] 403 forbidden Error - Avro - 2017-05-14 Thanks for getting back to me :-) How shall I create a test account? Make an admin account, and send the password via PM? RE: [split] 403 forbidden Error - .m. - 2017-05-14 ^ yes, providing an admin account through PM can be more useful in finding the cause or you can create a normal user account & post here so that someone can check & provide suggestions RE: [split] 403 forbidden Error - Avro - 2017-05-14 PM sent! RE: [split] 403 forbidden Error - Avro - 2017-06-07 Okay. I just wanted to follow up with this thread for the sake of documentation; that way, in the future, other people having this problem know what I did to solve it. I contacted my web host, and it turns out that it was an issue with ModSecurity. This is how they explained it: Quote:This issue can be caused ModSecurity, which is an Apache module that works as a web application firewall. It blocks known exploits and provides protection from a range of attacks against web applications. TL;DR > My web host needed to whitelist a few rules so that I and other users could, among other things, put apostrophes and quotation marks in our signatures, as well as put HTML in posts. Only they could whitelist these rules; I wouldn't have been able to do it without their assistance or permission. So, to the future: check either ModSecurity or Suhosin, and be sure either to turn them off or to put exceptions in place. Cheers. |