forbidden error in forums

Status
Not open for further replies.

rave

New member
YNNLyRR.jpg
 

un4saken

Administrator
Code:
Inbound Anomaly Score Exceeded (Total Inbound Score: 5 - SQLI=0,XSS=0,RFI=0,LFI=0,RCE=0,PHPI=0,HTTP=5,SESS=0): HTTP Header Injection Attack via payload (CR/LF and header-name detected)

Please use another browser or disable some extensions. Our firewall blocks you for some reason.
 

rave

New member
@un4saken i am using chrome browser and this problem also displaying to @genesis
 

un4saken

Administrator
Not a server problem. Firewall thinks something is attacking to us. Can you try with CTRL+SHIFT+N ?
 

Genesis

Administrator
@rave @mazl was pointing the finger in the right direction that this may have something to do with smart tags triggering modsecurity firewall.

I Googled and found this discussion that I thought may be applicable:
https://community.mybb.com/thread-220094-post-1315975.html#pid1315975

It's not so much the fault of MyBB software itself, it's the hosting companies that have enabled ModSecurity for whatever reason.

So, it's up to us Admins to contact the hosting company to turn off the ModSecurity or allow us to turn it off by another method.

Placing the blame on MyBB software is incorrect.

Could be the Data centre turned on ModSecurity, so to get past this people disable it through htaccess file or the Datacentre could give them an option to disable it through the account interface. I'm guessing here of course. @un4saken is probably the best person to investigate as he is managing the interface with the Data centre.
 

mazl

New member
Genesis said:
@rave @mazl was pointing the finger in the right direction that this may have something to do with smart tags triggering modsecurity firewall.

I Googled and found this discussion that I thought may be applicable:
https://community.mybb.com/thread-220094-post-1315975.html#pid1315975

It's not so much the fault of MyBB software itself, it's the hosting companies that have enabled ModSecurity for whatever reason.

So, it's up to us Admins to contact the hosting company to turn off the ModSecurity or allow us to turn it off by another method.

Placing the blame on MyBB software is incorrect.

Could be the Data centre turned on ModSecurity, so to get past this people disable it through htaccess file or the Datacentre could give them an option to disable it through the account interface. I'm guessing here of course. @un4saken is probably the best person to investigate as he is managing the interface with the Data centre.
Yes and no.We have installed ModSecurity on the server but actually in the cpanel "Security-ModSecurity" section you can turn it off in individual accounts.

@rave I don't think this is related to Immunify360.From your url it seems your reply is submitted but something went wrong when loading the page with your reply.

@un4saken I think there is no need to completely disable modsecurity and immunify360.They do offer protection but sometimes they are over-sensitive.Just disable the related rule and see what happens later.
 

Genesis

Administrator
hgiova said:
I am also having the same problem (403), particularly when trying to reply to the thread?https://www.gigarocket.net/forum/thread-12308.html?It does not matter if I quote or not, I am not using any tags, emoticons/smilies, nothing special. Just text.

Thank for bringing this to our attention @hgiova. I checked it here:
https://www.gigarocket.net/forum/thread-12308-post-88460.html#pid88460

Genesis said:
Just shows you how fickle this "forbidden" error is. I'm OK with getting in, BUT I may not be OK in another discussion. It's happened to me previously. Looks as though it's a ModSecurity issue - on an intermittent basis.

I'll bring it to the attention of @un4saken again.
 
Status
Not open for further replies.