403 Forbidden - New post

[tininho]

While trying to make new post with Wordpress I get the 403 Forbidden error, log shows this:

2011-09-19 00:27:09.324 NOTICE [82.181.193.116:57055-0#XXXX] mod_security rule triggered!
[Mon Sep 19 00:27:09 2011] [error] [client 82.181.193.116] ModSecurity: Access denied with code 403, [Rule: 'ARGS' '(fromCharCode|http-equiv|<.+>|innerHTML|dynsrc|-->)']
[Msg: XSS attack]
2011-09-19 00:27:09.324 NOTICE [82.181.193.116:57055-0#XXXX] Content len: 1181, Request line: 'POST /wp-admin/post.php HTTP/1.1'

How can I tell the server that this is not an XSS attack?

[ikiji]

I'm getting the same with an install of WHMCS

Using version 4.1.8

[webizen]

Quote:

...
[Mon Sep 19 00:27:09 2011] [error] [client 82.181.193.116] ModSecurity: Access denied with code 403, [Rule: 'ARGS' '(fromCharCode|http-equiv|<.+>|innerHTML|dynsrc|-->)']
[Msg: XSS attack]
2011-09-19 00:27:09.324 NOTICE [82.181.193.116:57055-0#XXXX] Content len: 1181, Request line: 'POST /wp-admin/post.php HTTP/1.1'
...

This indicates that page (/wp-admin/post.php) that does the post contains value of "fromCharCode|http-equiv|<.+>|innerHTML|dynsrc|-->" (any). You may verify by looking that source of the page (not php code itself). If that's the case, you can disable the rule.

[htduhoc2012]

Quote:

Originally Posted by webizen

This indicates that page (/wp-admin/post.php) that does the post contains value of "fromCharCode|http-equiv|<.+>|innerHTML|dynsrc|-->" (any). You may verify by looking that source of the page (not php code itself). If that's the case, you can disable the rule.

I am not still repair it. Anyone esle can have another opinion about this?

[NiteWave]

what's your lsws version ?

[adhp123]

Quote:

Originally Posted by NiteWave

what's your lsws version ?

it's almost the same but

[chaterbox]

Did you recover from this? If yes can you share the steps you did to overcome?