Surpass Web Hosting Forums - View Single Post

Dougcuk · April 14th, 2006, 9:27 PM

This may not apply to your situation but there seems a chance that my recent experience might be related to your problem.

If your website setup is correct but you start getting a "403 Forbidden Location" errors when saving or updating data - then one possible cause is an incorrect triggering of the Mod_Sec (Security Filter) system - which is designed to protect the server and website from hackers. I was unable to update any data containing the three letter sequence "PSY" until I found the following fix - others have reported different trigger sequences.

Test for a Mod_Sec problem by creating an .htaccess file in the root folder of your website that contains the following two lines:

SecFilterEngine Off
SecFilterScanPOST Off

The fix should activate immediately if it is going to work and will allow you to prove that your problem is a Mod_Sec problem - if it works you should then raise a Support Ticket detailing the problem and where possible provide a sample of the data or the actual problem string. Surpass Support can then fix the problem by modifying the server Security Filters. Remember to state in your Support Ticket report that you have used the SecFilter htaccess fix and have thus proved the cause of the problem.

Once the problem is fixed in the server setup the SecFilter lines should be removed from your .htaccess files. Running with the SecFilters turned off is not recommended other than as a diagnostic test and short term work-around while the problem is resolved in the server setup.

April 14th, 2006, 9:27 PM	#6 (permalink)
Dougcuk Registered User Fresh Surpasser Joined in Apr 2005 Lives in London, UK Hosted on SH64 9 posts Gave thanks: 0 Thanked 0 times	This may not apply to your situation but there seems a chance that my recent experience might be related to your problem. If your website setup is correct but you start getting a "403 Forbidden Location" errors when saving or updating data - then one possible cause is an incorrect triggering of the Mod_Sec (Security Filter) system - which is designed to protect the server and website from hackers. I was unable to update any data containing the three letter sequence "PSY" until I found the following fix - others have reported different trigger sequences. Test for a Mod_Sec problem by creating an .htaccess file in the root folder of your website that contains the following two lines: SecFilterEngine Off SecFilterScanPOST Off The fix should activate immediately if it is going to work and will allow you to prove that your problem is a Mod_Sec problem - if it works you should then raise a Support Ticket detailing the problem and where possible provide a sample of the data or the actual problem string. Surpass Support can then fix the problem by modifying the server Security Filters. Remember to state in your Support Ticket report that you have used the SecFilter htaccess fix and have thus proved the cause of the problem. Once the problem is fixed in the server setup the SecFilter lines should be removed from your .htaccess files. Running with the SecFilters turned off is not recommended other than as a diagnostic test and short term work-around while the problem is resolved in the server setup.