Title: 403 Errors, mod_security
Last modified: September 7, 2022

---

# 403 Errors, mod_security

 *  Resolved [unsquare](https://wordpress.org/support/users/unsquare/)
 * (@unsquare)
 * [3 years, 8 months ago](https://wordpress.org/support/topic/403-errors-mod_security/)
 * Hi there!
 * I’ve started getting 403 errors on my sites today, and I’ve narrowed it down 
   to an issue with Jetpack.
 * Also, the errors only appear when I am logged in – the sites work fine for unauthenticated
   users.
 * Here’s what I found in my server error logs:
 * `[Wed Sep 07 20:14:47.073682 2022] [:error] [pid 25529:tid 139752690919168] [
   client ********] [client ********] ModSecurity: Access denied with code 403 (
   phase 4). Match of "rx \\\\ssrc=\\\\x22https:\\\\/\\\\/www\\\\.googletagmanager\\\\.
   com\\\\/ns\\\\.html\\\\?id=GTM|\\\\ssrc=\\\\x22https:\\\\/\\\\/w\\\\.soundcloud\\\\.
   com\\\\/player\\\\/\\\\?url=" against "TX:0" required. [file "/etc/apache2/modsecurity.
   d/rules/comodo_free/19_Outgoing_FilterInFrame.conf"] [line "14"] [id "214540"][
   rev "5"] [msg "COMODO WAF: Possibly malicious iframe tag in output||fullofwords.
   com|F|3"] [data "Matched Data: <iframe src=\\x22https://widgets.wp.com/3rd-party-
   cookie-check/index.html\\x22 style=\\x22display:none found within TX:0: <iframe
   src=\\x22https://widgets.wp.com/3rd-party-cookie-check/index.html\\x22 style=\\
   x22display:none"] [severity "ERROR"] [tag "CWAF"] [tag "FilterInFrame"] [hostname"
   fullofwords.com"] [uri "/index.php"] [unique_id "Yxj7tlI-CVeSPfrqHhMjkQAAAMc"],
   referer: https://fullofwords.com/wp-admin/``
 * Let me know if you need anything else to troubleshoot this issue!
 * The page I need help with: _[[log in](https://login.wordpress.org/?redirect_to=https%3A%2F%2Fwordpress.org%2Fsupport%2Ftopic%2F403-errors-mod_security%2F%3Foutput_format%3Dmd&locale=en_US)
   to see the link]_

Viewing 10 replies - 1 through 10 (of 10 total)

 *  Thread Starter [unsquare](https://wordpress.org/support/users/unsquare/)
 * (@unsquare)
 * [3 years, 8 months ago](https://wordpress.org/support/topic/403-errors-mod_security/#post-15988951)
 * Also, I’m using Plesk hosted on Amazon Lightsail.
 *  Plugin Author [Brandon Kraft](https://wordpress.org/support/users/kraftbj/)
 * (@kraftbj)
 * Code Wrangler
 * [3 years, 8 months ago](https://wordpress.org/support/topic/403-errors-mod_security/#post-15988974)
 * Really appreciate it. That is an iframe added in the 11.3 cycle, so this is very,
   very interesting. We’re digging in.
 *  Thread Starter [unsquare](https://wordpress.org/support/users/unsquare/)
 * (@unsquare)
 * [3 years, 8 months ago](https://wordpress.org/support/topic/403-errors-mod_security/#post-15989131)
 * Thanks to the suggestion to deactivate Jetpack Notifications in [one of the other threads](https://wordpress.org/support/topic/blocks-access-to-the-admin-codification-errors/)
   about this issue, I was able to resolve the problem as follows:
 * 1. Rename the Jetpack plugin folder from FTP to deactivate the plugin.
    2. Access
   the WordPress admin Dashboard. 3. Change the Jetpack plugin folder back to the
   original name in FTP. 3. Reactivate the Jetpack plugin. 4. Go directly to the
   Jetpack modules page at wp-admin/admin.php?page=jetpack_modules and deactivate
   the Notifications module.
 * After taking those steps, my site loads as normal.
    -  This reply was modified 3 years, 8 months ago by [unsquare](https://wordpress.org/support/users/unsquare/).
 *  [zilon93](https://wordpress.org/support/users/zilon93/)
 * (@zilon93)
 * [3 years, 8 months ago](https://wordpress.org/support/topic/403-errors-mod_security/#post-15990192)
 * I have the same issue and this was the solution.
 *  Plugin Author [Brandon Kraft](https://wordpress.org/support/users/kraftbj/)
 * (@kraftbj)
 * Code Wrangler
 * [3 years, 8 months ago](https://wordpress.org/support/topic/403-errors-mod_security/#post-15991887)
 * I realize this is a big ask— [@unsquare](https://wordpress.org/support/users/unsquare/)
   do you have a spare website on a server that is throwing this error that we could
   either use to test out a solution or you be willing to run a beta with a patch?
 * That might be faster than our current route of trying to setup hosting in places
   that have matching config. I don’t like that we’re wasting time trying to duplicate
   instead of just fixing it 🙂
 * If so, can you send me a note at kraft [at] automattic.com?
 *  [dirkriehle](https://wordpress.org/support/users/dirkriehle/)
 * (@dirkriehle)
 * [3 years, 8 months ago](https://wordpress.org/support/topic/403-errors-mod_security/#post-15992376)
 * Switched example site to email
    -  This reply was modified 3 years, 8 months ago by [dirkriehle](https://wordpress.org/support/users/dirkriehle/).
 *  [blunoa](https://wordpress.org/support/users/blunoa/)
 * (@blunoa)
 * [3 years, 8 months ago](https://wordpress.org/support/topic/403-errors-mod_security/#post-15992741)
 * Yes worked for me
    only did one step
 * `www.yourwebsite.com/wp-admin/admin.php?page=jetpack_modules`
    and deactivate
   the Notifications module.
 * All back to normal
    -  This reply was modified 3 years, 8 months ago by [blunoa](https://wordpress.org/support/users/blunoa/).
 *  [spinweb](https://wordpress.org/support/users/spinweb/)
 * (@spinweb)
 * [3 years, 8 months ago](https://wordpress.org/support/topic/403-errors-mod_security/#post-15994379)
 * Same issue here – [@unsquare](https://wordpress.org/support/users/unsquare/)’
   s temproary fix works for the moment, thanks for that.
 *  [dvmarques](https://wordpress.org/support/users/dvmarques/)
 * (@dvmarques)
 * [3 years, 8 months ago](https://wordpress.org/support/topic/403-errors-mod_security/#post-15994511)
 * Cant access [http://www.yourwebsite.com/wp-admin/admin.php?page=jetpack_modules](http://www.yourwebsite.com/wp-admin/admin.php?page=jetpack_modules),
   it says i dont have permission to access this page, im admin why it says that?
 *  Plugin Author [Brandon Kraft](https://wordpress.org/support/users/kraftbj/)
 * (@kraftbj)
 * Code Wrangler
 * [3 years, 8 months ago](https://wordpress.org/support/topic/403-errors-mod_security/#post-15995094)
 * We’re shipping out Jetpack 11.3.1 right now to resolve this. If you saw the issue,
   please update your site once it is offered in wp-admin and then you can re-enable
   the Notifications module.
 * If you have been unable to use the workaround to disable the Notifications, you
   can use your hosts’ file manager or FTP to delete the wp-content/plugins/jetpack/
   modules/notes.php file, then it’ll let you back into wp-admin and you can upgrade
   to Jetpack 11.3.1.

Viewing 10 replies - 1 through 10 (of 10 total)

The topic ‘403 Errors, mod_security’ is closed to new replies.

 * ![](https://ps.w.org/jetpack/assets/icon.svg?rev=2819237)
 * [Jetpack - WP Security, Backup, Speed, & Growth](https://wordpress.org/plugins/jetpack/)
 * [Frequently Asked Questions](https://wordpress.org/plugins/jetpack/#faq)
 * [Support Threads](https://wordpress.org/support/plugin/jetpack/)
 * [Active Topics](https://wordpress.org/support/plugin/jetpack/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/jetpack/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/jetpack/reviews/)

 * 11 replies
 * 8 participants
 * Last reply from: [Brandon Kraft](https://wordpress.org/support/users/kraftbj/)
 * Last activity: [3 years, 8 months ago](https://wordpress.org/support/topic/403-errors-mod_security/#post-15995094)
 * Status: resolved