Reputation: 163
Wordpress gives 403 error page on particular string
Ok, it's amazing.
I found that if i write, for example, "app/etc/local.xml" within an article, wordpress gives me a 403 error page during save or preview operations.
Now, I tried to decompose the string and i found that the problem is that " /etc/ " piece!! No errors for " etc ", " etc/ ", just for " /etc/ "!
I tried to activate debugging options also but no informations comes back about this error.
I tried to deactivate plugins and so on, but nothing happens!!!
The apache error_log says:
ModSecurity: Access denied with code 403 (phase 2). Pattern match....
It seems that for some kind of string within my posts, mod_security apache's module try to stop an injection.
Upvotes: 0
Views: 649
Answers (1)
Reputation: 27529
Looks like your hosting service is using ModSecurity.
My guess is that they have a pattern matching algorithm which sees etc in the path of a URL and assumes that it is an attempt to access the /etc/ part of the filesystem, which they interpret as an injection attack.
Options:
- Learn how to configure your server to disable this check; this assumes that your hosting provider would permit this
- Change your app so that it doesn't use
/etc/
Option 2 seems waaaay simpler.
Upvotes: 1
Related Questions
- Wordpress 403 Forbidden Error
- ModSecurity: Access denied with code 403
- how to solve 403 - Forbidden in wordpress?
- Extra sensitive Mod Security rules giving 403 forbidden error
- simple form input triggers 403 forbidden page
- ModSecurity: Access denied with code 403 & SQL injection Detected
- ModSecurity: Access denied with code 406 in apache
- System text causing 403 forbidden error in PHP
- GET with hyphens raises error 403
- apache mod_security says - Access Denied error