Inbound Anomaly Score Exceeded (Total Inbound Score: 5 - SQLI=0,XSS=0,RFI=0,LFI=0,RCE=0,PHPI=0,HTTP=5,SESS=0): HTTP Header Injection Attack via payload (CR/LF and header-name detected)
It's not so much the fault of MyBB software itself, it's the hosting companies that have enabled ModSecurity for whatever reason.
So, it's up to us Admins to contact the hosting company to turn off the ModSecurity or allow us to turn it off by another method.
Placing the blame on MyBB software is incorrect.
Yes and no.We have installed ModSecurity on the server but actually in the cpanel "Security-ModSecurity" section you can turn it off in individual accounts.Genesis said:@rave @mazl was pointing the finger in the right direction that this may have something to do with smart tags triggering modsecurity firewall.
I Googled and found this discussion that I thought may be applicable:
https://community.mybb.com/thread-220094-post-1315975.html#pid1315975
It's not so much the fault of MyBB software itself, it's the hosting companies that have enabled ModSecurity for whatever reason.
So, it's up to us Admins to contact the hosting company to turn off the ModSecurity or allow us to turn it off by another method.
Placing the blame on MyBB software is incorrect.
Could be the Data centre turned on ModSecurity, so to get past this people disable it through htaccess file or the Datacentre could give them an option to disable it through the account interface. I'm guessing here of course. @un4saken is probably the best person to investigate as he is managing the interface with the Data centre.
hgiova said:I am also having the same problem (403), particularly when trying to reply to the thread?https://www.gigarocket.net/forum/thread-12308.html?It does not matter if I quote or not, I am not using any tags, emoticons/smilies, nothing special. Just text.
Genesis said:Just shows you how fickle this "forbidden" error is. I'm OK with getting in, BUT I may not be OK in another discussion. It's happened to me previously. Looks as though it's a ModSecurity issue - on an intermittent basis.
I'll bring it to the attention of @un4saken again.