403 Forbidden - New post

Discussion in 'LiteSpeed Cache Plugin For WordPress' started by tininho, Sep 18, 2011.

  1. tininho

    tininho Member

    While trying to make new post with Wordpress I get the 403 Forbidden error, log shows this:

    2011-09-19 00:27:09.324 NOTICE [] mod_security rule triggered!
    [Mon Sep 19 00:27:09 2011] [error] [client] ModSecurity: Access denied with code 403, [Rule: 'ARGS' '(fromCharCode|http-equiv|<.+>|innerHTML|dynsrc|-->)']
    [Msg: XSS attack]
    2011-09-19 00:27:09.324 NOTICE [] Content len: 1181, Request line: 'POST /wp-admin/post.php HTTP/1.1'

    How can I tell the server that this is not an XSS attack?
  2. ikiji

    ikiji Member

    I'm getting the same with an install of WHMCS

    Using version 4.1.8
  3. webizen

    webizen Well-Known Member

    This indicates that page (/wp-admin/post.php) that does the post contains value of "fromCharCode|http-equiv|<.+>|innerHTML|dynsrc|-->" (any). You may verify by looking that source of the page (not php code itself). If that's the case, you can disable the rule.
  4. htduhoc2012

    htduhoc2012 New Member

    I am not still repair it. Anyone esle can have another opinion about this?
  5. NiteWave

    NiteWave Administrator

    what's your lsws version ?
  6. adhp123

    adhp123 Member

    it's almost the same but
  7. chaterbox

    chaterbox New Member

    Did you recover from this? If yes can you share the steps you did to overcome?

Share This Page