403 Forbidden Error

  • Resolved jmoore688

    (@jmoore688)


    10 months, 2 weeks ago

    Hello,

    I see this error has been reported in the past but I don’t see an open thread to respond to. I recently upgraded to a Website Security plan with GoDaddy including Firewall protection. Since then, I have not been able to make updates to a Tablepress table. Not all tables have the issue but many of them do. I received the following information from GoDaddy and have resolved the issue temporarily by adding my IP address to a “whitelist” so that all requests are allowed, but they recommend the following for a permanent fix:

    From GoDaddy Support:

    They got into firewall logs and found out that there is something in the way the plugin works and makes changes in the database/files that trigger this error.
    So, for now, whitelisting IPs of the people who are working on this table would be the best solution.

    There are two permanent solutions.

    1. Contact plugin support and share with them the issue you experienced so they can issue a new version of the plugin that has the issue fixed. You would also share this article with them so they can follow Firewall rules -> https://labs.sucuri.net/signatures/waf/rfi009-rfi-lfi-attempt/

    2. Deactivating Firewall for good.

    This decision is up to you, and we from the WPPS, unfortunately, cannot help you with any.

Viewing 1 replies (of 1 total)
  • Plugin Author Tobias Bäthge

    (@tobiasbg)

    10 months, 2 weeks ago

    Hi!

    Thanks for your post and sorry for the trouble!

    Unfortunately, this is actually not an issue in TablePress, but simply caused by the way how that GoDaddy Firewall works. They are checking for certain patters of content in the data that is sent back and forth between your browser and the server, and if that data contains text or content that is in any way suspicious, the firewall will block the request.

    This can, for example, be common English words that are often used in database programming, like SELECT, UPDATE, or INSERT commands. If your table now contains these normal words (no matter the casing), the firewall erroneously triggers. This is obviously a false positive here.

    So, from my perspective, you would indeed need to continue with that IP allowlisting (so that you are basically allowed to send “everything”), or the firewall rules configuration needs to be adjusted to not trigger on these (or other) particular patterns of content.

    Best wishes,
    Tobias

Viewing 1 replies (of 1 total)

The topic ‘403 Forbidden Error’ is closed to new replies.