403 Error in Word press when saving pages or posts.

403 Error in Word press when saving pages or posts.

apache-logoWe recently ran into an issue being rolled on out on a handful of various web hosting companies using the Apache/Cpanel and whm server configuration. This recent server patch which started with one host and we observed as other host providers implemented it later and observed the same error happen these other hosting companies. The issue exists with Apache Mod Security (mod_sec) firewall flags.

THE PROBLEM

wordpress-logoThe error in word press you will see will be a 403 error on saving a page or post.

Another symptom you can’t edit a page or post as a 403 error also gets generated.

This recent patch, has a mod_security setting that has an issue with flagging functionality in wordpress forcing a mod_security flag causing the error.

 

THE FIX

Please note that not every item below is part of the fix, in most cases one of these 4 options will correct the problem. If the problems persist look into tracking the IP addresses via .conf rules to adjust for true attacks vs false positives.

1. In the .htaccess file for wordpress add in a mod_security parameter to disable (mod_security might be compiled to prevent this switch from working or by limiting the .htaccess authorization via AllowOverride settings.

SIMPLE HTACCESS CODE:

# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
<IfModule mod_security.c>
  SecFilterEngine Off
  SecFilterScanPOST Off
</IfModule>
# END WordPress

2. In Cpanel you can go to the mod security tab – disable mod security (not all web hosts allow mod security changing through cpanel – some providers restrict it).

3. If you are on a shared/co-host environment you may to contact your hosting support –  tell them you are having a mod security issue related to 403 error and they should be able reset the mod security so your install works correctly.

4 . If you are on a VPS or DEDICATED SERVER you should have access to root folders in cpanel you can edit your conf and mod security rules at  /usr/local/apache/conf/ and edit httpd.conf

Find the configuration item and remove the # symbol.

#LoadModule rewrite_module modules/mod_rewrite.so

NOTE: The other cause of this problem can sometimes be file permissions, permalinks or corrupted .htaccess files, all of which are relatively easy to correct.

 

Share this post