server error (403 forbidden) when saving as editor

  • Resolved wpgerd

    (@wpgerd)


    6 years, 1 month ago

    Hello,
    I’m using Elementor and Ninjafirewall. If I made changes on a page, I can save this as admin, but if I made this changes as editor, I got server error (403 forbidden) when I want to save the changes. If I deactivate NinjaFirewall, I can save all changes as editor.

    Changed the Option of NinjaFirewall “Users Whitelist” to “Add all logged in users to the whitelist, but the same.
    Which option should I change so an editor can made changes to the text of post and pages?

    thanks
    Gerd

Viewing 5 replies - 1 through 5 (of 5 total)
  • Plugin Author nintechnet

    (@nintechnet)

    6 years, 1 month ago

    There must be something in your post that doesn’t please the firewall, but it’s odd you’re still blocked while being whitelisted.

    Can you check the firewall log, it will be written why you were blocked. If there’s nothing is the log, it could be due to a “Firewall Policies > Advanced Policies > HTTP response headers” option (whitelist doesn’t apply to them). In that case, open your browser’s console (press F12), and check if you see any warning/error in its console while you submit the post.

    Thread Starter wpgerd

    (@wpgerd)

    6 years, 1 month ago

    Hi nintechnet,

    thanks for you quick response. In the log I found:

    02/May/20 16:22:25 #4253601 CRITICAL 115 xxx.xx.xx.xx POST /wp-admin/admin-ajax.php – Cross-site scripting – [POST:actions = {“save_builder”:{“action”:”save_builder”,”data”:{“status”:”publish”,”elements”:[{“id”:”9cb9839″,”elType”:”section”,”isInner”:false,”settings”:{“layout”:”full_width”,”jet_parallax_layout…] – domain.dev

    xxx is my IP. All settings of HTTP response headers are set to No. Setings of PHP there are all Yes an Varios are also to Yes.

    The problem occurs on the staging site. I set “Users Whitelist” to “Add all logged in users to the whitelist, also on the live-site and it looks like, there it runs. The only differenc I could identify is, that on staging Ninja is running in normal Mode, on Live it’s running in Full WAV Mode.

    Any suggestions from your side?

    thanks
    Gerd

    • This reply was modified 6 years, 1 month ago by wpgerd.
    Plugin Author nintechnet

    (@nintechnet)

    6 years, 1 month ago

    Maybe you’re having an issue with PHP session on the staging site and it isn’t working? In the “NinjaFirewall > Dashboard” page, do you see any warning about session and whitelisted user? If there’s one, you can try to debug: https://blog.nintechnet.com/ninjafirewall-php-sessions-debugging/

    MarjoriesDaughter

    (@marjoriesdaughter)

    5 years, 11 months ago

    Just FYI, related to this same issue …

    We have Ninja Firewall deactivated because it was causing PHP errors. Even with it deactivated, we had a similar problem yesterday to the problem described in this thread.

    Plugin Author nintechnet

    (@nintechnet)

    5 years, 11 months ago

    What kind of PHP errors? Can you paste them here?

Viewing 5 replies - 1 through 5 (of 5 total)

The topic ‘server error (403 forbidden) when saving as editor’ is closed to new replies.