403 page

[gamersc]

i am getting a 403 error page

Forbidden
You don't have permission to access /admin/index.php on this server.

Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.

when i go to my admin panel. its making where i can't use my site without the ability to go to my admin panel.

http://xensor.x10host.com/index.php

 

[gamersc]

<div class='codebox'><span>$1</span></div>

this is the code it setting it off. i cant use bbcodes without ability to add them. i am getting 403 error when i try to set up my site.

 

[gamersc]

if i put anything after the <div> or any other html code in the box it gives me a 403 error page. its making my site unable to be used.

 

[ajstetson17]

It might be a mod_security conflict. Usually @Dead-i can help with these.

 

[essellar]

If worse comes to worst, those pages usually write to a config file that you should be able to edit manually. (There's only a problem POSTing through the front end of your site; there are no such restrictions through cPanel or FTP.) The syntax on the config file is usually easy to figure out (it has to be simple enough that even a stupid computer can read it), so you'd probably be able to get the immediate problem fixed yourself before the larger problem - the mod_security rules - is attended to.

 

[gamersc]

its a bbcode adder. something is blocking me being able to add bbcodes. that is saved to database.

 

[gamersc]

http://xensor.x10host.com/admin/index.php?module=config-mycode&action=edit


this is the page that gives me the 403. i have tried everything from the developers. its the hosting issue.

i would like some feed back from a admin tho.

yup its from this hosting thats causing it. i just tried remaking this issue on another hosting site and it worked just fine.

its something about this host that has it blocked.

 

[gamersc]

bump

(i am starting to feel like this site doesnt' give support for there hosting clients)

 

[gamersc]

bump bump

need fixed.

man this site gets worse with answering support. is there only one support person for this site?

 

[gamersc]

this site has become a joke for a hosting community.

i am sorry. but no support no fix for any issue we have thats on YOUR end. mod_security is a joke when it comes to hosting sites specially when you do not whitelist your own client's site. that thing breaks sites.

i can't even use my site due to the errors left and right. i understand its free. but to get people to want to upgrade or such is not by making them have errors. cause to me it makes me feel why should i upgrade? i am just gonna have the same exact issue.

the support, well don't even get me started about that. cause i can go back to a thread and it took a month for it to get any support. that was about wordpress. Now this, i only get one staff answering and it does nothing to help with the issue. this issue is out of my hand.


i mean its this page: http://xensor.x10host.com/admin/index.php?module=config-mycode&action=add

it allows me to add custom bbcodes to my site so my members can use bbcodes. but its giving 403. its not on my end. its the hosting end. i can do the same on another host and no errors given.

i was having issues left and right with wordpress, 404, 503, 502. errors we should not be getting as it kills seo.

want me to rethink about this hosting company?

then start actually replying, start fixing issues.

 

[Dead-i]

Hi,

it allows me to add custom bbcodes to my site so my members can use bbcodes. but its giving 403. its not on my end. its the hosting end. i can do the same on another host and no errors given.

I'm sorry for the delay here. Your request is being blocked by Mod Security because it contains potentially harmful content (which is either JavaScript or an unusual HTML tag). This request is blocked because it isn't something that typical users would submit (since normal users wouldn't be submitting JavaScript). While we can disable individual rules in the case of a false-positive, this rule does have genuine security purposes, and so I'm not so keen to disable this. Instead, please look into making your edits manually, as @essellar suggested.

mod_security is a joke when it comes to hosting sites specially when you do not whitelist your own client's site. that thing breaks sites.

Mod Security isn't a joke. On our free hosting service, many people host outdated or vulnerable software. We see account compromises on a daily basis, and Mod Security helps to prevent against this. If a request to a user's website looks suspicious, it gets blocked. If there is a false-positive, we can adjust the account's Mod Security configuration accordingly, provided that disabling the rule would not undermine website security.

Thank you,

 

[gamersc]

it is when it blocks us from using:

<div><code>$1</code></div>

and then they should be made to update there software. As any website developer knows anything outdated means bad.

 

[gamersc]

I am using no javascript.

\[box]hi\[/box]
<div><code>$1</code></div>

this is what i am trying to do. thats no java. its bbcode.

 

[gamersc]

BUMP would like to get this fixed as its effecting my website. i do not think a month of no support will fly this time. its shouln't even take that long.

 

[chatngox]

Does the back end of your site have a BB Code adder. Like (phpbb, mybb, ipb etc?) Did you add a new BB Code to phrase a JS?
That could be a problem

 

[gamersc]

Does the back end of your site have a BB Code adder. Like (phpbb, mybb, ipb etc?) Did you add a new BB Code to phrase a JS?
That could be a problem

<div><code>$1</code></div>

that is what i am trying to do. no js added. its mycode with mybb.

no Java is being added at all. just this site mod security is a joke.

 

[Dead-i]

Hi,

Since you are submitting HTML code, and normal users would not need to do this, your request is being blocked. This helps to prevent against common vulnerabilities in outdated/broken software. Please refer to my last post for more information, though I have copied and pasted a section below for convenience.

While we can disable individual rules in the case of a false-positive, this rule does have genuine security purposes, and so I'm not so keen to disable this. Instead, please look into making your edits manually, as @essellar suggested.

Thank you,

 

[gamersc]

can someone tell me why i am getting vpn or proxy error on cpanel login?

i am not using any at all

 

[rpsocial]

So wait. What if your site is a network on oxwall, and your members use custom html <style> tags and html to make custom profiles? That's a normal thing these days, and one of the key features of our community. <div> tags are key for making div style layouts and custom profiles as well. Does this mean it's not possible to do this on your hosting?

 

[gamersc]

So wait. What if your site is a network on oxwall, and your members use custom html <style> tags and html to make custom profiles? That's a normal thing these days, and one of the key features of our community. <div> tags are key for making div style layouts and custom profiles as well. Does this mean it's not possible to do this on your hosting?

pretty much and now can't even get onto the cpanel. this site has went south. the support is horrible. they keep stating about mod security is good. when i always read thats its a joke and it should be disabled and if not then should be considering other security measures.

i develop php and one thing i have learned is that mod security messes up new php version codes making it no good to even bother with.

i mean why am i getting a
"
We've found that you're connecting with a network proxy, VPN, or Tor, and we're unable to complete your request because of this. Please disable any such service, sign out and back in.

"

when i log onto cpanel when i always been able to without this issue. i have none of these when trying to get to cpanel. this site is just making it where we have to upgrade to even use their services and i do not like forced upgrades. if they want us to upgrade then they should show us why we should instead of making the free host so bad. as i see it is if the free hosting is bad then i guess the upgrades are worse.

i mean they use the same services for premium apparently if thats the case what would stop my site from working if i would to use:

<div class='row'>
<div class='col-lg-12'>
hi
</div>
</div>

and it come up to a 403 on their. There ways of security is horrible. Its opened to code injections real bad. and if anyone is using outdated php then they need to learn to upgrade or update the script as i could more likely hack into their site with a single code or javascript and be able to bypass the mod security. mod security is easy to bypass to be honest. easier then the devs or mods of this site realize.

so maybe they should force all users using old and outdated scripts to update instead of forcing all users to deal with this crappy security.

this is the only hosting service provider that uses mod security or doesn't white list its users like they should if using it when requested to be.