403 Forbidden - New post

#1
While trying to make new post with Wordpress I get the 403 Forbidden error, log shows this:

2011-09-19 00:27:09.324 NOTICE [82.181.193.116:57055-0#XXXX] mod_security rule triggered!
[Mon Sep 19 00:27:09 2011] [error] [client 82.181.193.116] ModSecurity: Access denied with code 403, [Rule: 'ARGS' '(fromCharCode|http-equiv|<.+>|innerHTML|dynsrc|-->)']
[Msg: XSS attack]
2011-09-19 00:27:09.324 NOTICE [82.181.193.116:57055-0#XXXX] Content len: 1181, Request line: 'POST /wp-admin/post.php HTTP/1.1'

How can I tell the server that this is not an XSS attack?
 

webizen

Well-Known Member
#3
...
[Mon Sep 19 00:27:09 2011] [error] [client 82.181.193.116] ModSecurity: Access denied with code 403, [Rule: 'ARGS' '(fromCharCode|http-equiv|<.+>|innerHTML|dynsrc|-->)']
[Msg: XSS attack]
2011-09-19 00:27:09.324 NOTICE [82.181.193.116:57055-0#XXXX] Content len: 1181, Request line: 'POST /wp-admin/post.php HTTP/1.1'
...
This indicates that page (/wp-admin/post.php) that does the post contains value of "fromCharCode|http-equiv|<.+>|innerHTML|dynsrc|-->" (any). You may verify by looking that source of the page (not php code itself). If that's the case, you can disable the rule.
 
#4
This indicates that page (/wp-admin/post.php) that does the post contains value of "fromCharCode|http-equiv|<.+>|innerHTML|dynsrc|-->" (any). You may verify by looking that source of the page (not php code itself). If that's the case, you can disable the rule.
I am not still repair it. Anyone esle can have another opinion about this?
:(
 
Top