403 Forbidden POST with html

Status
Not open for further replies.

unident3

New Member
Messages
27
Reaction score
0
Points
1
I assume the issue is with html code in $_POST.
eed9e4b9db.png

I'm trying to make a BB tag for embedding YT videos, I've also had issues with
replacement code in other areas of my site, I was curious if I could get
confirmation and suggestions as to what actions could be taken.

Also, i have already checked permissions, files 644, folders 755
 
Last edited:

unident3

New Member
Messages
27
Reaction score
0
Points
1
After numerous google searches it seems that the most common issues with MyBB 403 messages are cause by the mod_security settings.
None of said posts elaborated on what the setting was or what it was changed to.
 

caftpx10

Well-Known Member
Messages
1,534
Reaction score
114
Points
63
How many links were you trying to post within a single post?
 

caftpx10

Well-Known Member
Messages
1,534
Reaction score
114
Points
63
Oh. Right. What happens if you make the replacement only say '$1' and post that?
 

caftpx10

Well-Known Member
Messages
1,534
Reaction score
114
Points
63
Mhm.. what if you type some normal text (no '$1' or any tags) for the replacement? If the 403 is still triggered then it would probably be safe to say that a mod_security2 rule is detecting the regex pattern.
There are some X10 staff who are able to make the rule exception on a per-account basis but it can take some time for them to come on.
 

caftpx10

Well-Known Member
Messages
1,534
Reaction score
114
Points
63
Does 'video id $1' also result in a 501 response?

EDIT: Trying to not hit a different rule with the wording used.
 

caftpx10

Well-Known Member
Messages
1,534
Reaction score
114
Points
63
I'm not sure what you mean by this, /rule/ ?
When I was typing that post, an example I had in single quotes looked as if it might be in a mod_security2 rule so I edited it with something else just in case it ends up triggering a rule itself.

You guessed it. Passes just fine without regex.
So it works fine with the with regular expression in the first field but with the replacement being 'video id $1'?
 

unident3

New Member
Messages
27
Reaction score
0
Points
1
It works if I remove the regex, and there is plain text(IE: no html tags) in the replacement.
 

caftpx10

Well-Known Member
Messages
1,534
Reaction score
114
Points
63
Two rules (regex, HTML tags[?]) are going into play?
If you were to have '<b>$1</b>' as replacement would it also have a 403/501? iframes are likely to be blocked as part of a rule (directly or indirectly) because of malicious uses from attackers.
Honestly I don't really know RegEx myself so I can't tell by the pattern if you could XSS inject that (could be the reason why that might be getting blocked also).
 

unident3

New Member
Messages
27
Reaction score
0
Points
1
Ok so, the 403 is being caused by the html tags being flagged, and I have no idea why the regex is being flagged.
 

unident3

New Member
Messages
27
Reaction score
0
Points
1
Still haven't gotten a response to this, everywhere I read, It comes back to incorrect "mod_sec" setting.
 
Status
Not open for further replies.
Top