Hello,
Thanks for reaching out.
The error, status of 403 () /wp-json/yoast/v1/prominent_words/save:1 typically occurs when there’s a setting or configuration in a WordPress plugin or your server that is preventing access to the REST API. It could be a security plugin that might be causing this. We have received similar reports from other users where the issue was caused by their web host’s security measures. Please contact your web host to check the mod_security settings that prevent our plugin from accessing the REST API request: /wp-json/yoast/v1/prominent_words/save
If there are no mod_security settings preventing access at the server, you may have a custom .htaccess rule that limits access to the WordPress REST API. Please review any security restrictions and whitelist the Yoast plugin for accessing the feature.
Lastly, if you are using caching on your site, you may need to adjust cache settings to remove /wp-json/yoast from the caching. If you are not sure how to do that please contact your host provider and/or caching plugin authors.
Once that has been resolved, you should be able to re-run the SEO data optimization process and it should complete without any more errors.
Furthermore, per the forum guidelines, we cannot answer questions about our premium products. If you have a Yoast SEO Premium subscription, please contact our support team directly.
Hi @maybellyne
I tried to explain that the problem is caused by a rule in Comodo WAF.
My problem is that they (Comodo and my HSP) are not willing to do anything about it becayse they think your implementation is wrong,
Hence my question: when will this be solved?
Thanks for your clarification. First thing first, are you currently running Yoast SEO Premium? If yes, please send us your query over at the [email protected] email address so that we can address the query better since you have a premium subscription. The forum here is only specific to Yoast SEO-free users.
On the other hand, we understand that you are unable to run the SEO data optimization due to the Comodo WAFs security rules and Comodo+HSP is unwilling to help you. Let’s see what’s going on here.
Yoast SEO runs concurrent HTTP requests when running the SEO data optimization. However, some web hosting provider and security firewall like WAFs by Comodo blocks the relevant requests and as such, Yoast SEO can’t perform the SEO data optimization. If Comodo and HSP are unwilling to help by clearing the relevant WAFs rules on your website, we are afraid to say that we can’t help as this is out of our control. Only they (Comodo and HSP) have access to the relevant control panel to make that happen.
We hope that clarifies your query! If you need more information or assistance, please send us an email at our support inbox as mentioned initially.
Tnx. I spent literally hours already discussing this with all relevant parties whom are all pointing to each other. I will rephrase and hopefully you can help me with some information.
Comodo blocks the Yoast http requests because they resemble a “Blind SQL Injection Attack”
We are (like most starting businesses) relying on a shared hosting environment for our wordpress site. THe HSP or Comodo can’t just loosten their rules just for a single plug-in for one customer. This would be risky (WordPress is vulnerable to SQL injection attacks) for other customers but would also conflict with their businessmodel.
Your colleagues are aware of this (https://github.com/Yoast/wordpress-seo/issues/16018) and my only question was: when will this be solved?
Hello,
We see that you have also reached out via email. We will go ahead to mark this thread as resolved to keep the forum tidy.
Your email will be responded to by the technical support team.
Thanks.
Tnx. I got this reply from your colleague. I think it is good to share this so people can test this before the final decision to purchase a premium version of your plugin (which I do really like but cannot use to its full extend):
`Thanks for getting back to us. We understand that troubleshooting this issue has been a frustrating process.
It’s important to note that, in this case, the problem is not related to the Yoast SEO plugin but to Comodo’s very loose firewall rules that are triggered by the plugin’s normal functionality. While our developers are looking into how to make some future changes to avoid triggering this Comodo firewall rule, this is currently not a high priority.
We certainly want to keep you as a Yoast SEO user. Unfortunately, there’s no solutions we can offer right now, other than suggesting you check out some of the webhosting companies we recommend.`
