Hello,
I use a service called Mailgun to handle sending emails from my domain (smbeadna.x10host.com). It also has a nice feature where it can automatically run a script when I receive a certain type of email— I've set it up so when Mailgun identifies a recieved email as matching the filters I've defined, it sends a POST request to a link I've defined (smbeadna.x10host.com/user_paid.php), including the email data as POST variables. It worked yesterday. However, today, its requests are being marked as 403 Forbidden, despite me having correct permissions (644) on the user_paid.php and all files which are included from it. I have not touched any .htaccess files, and besides it was working yesterday. Even today, when I test it myself by constructing my own POST variables and sending a POST request to smbeadna.x10host.com/user_paid.php, it works perfectly.
x10 states that the only other reason I might get a "403 Forbidden" error is: "Your request might be being blocked by mod_security because it looks suspicious." This makes a lot of sense to me that an automated POST request made by a third-party service (Mailgun) would look suspicious. However, in this case it is not. Would you be able to whitelist these requests? I would be extremely grateful. Mailgun should only call this script (at most) a couple of times a day, and the script itself simply runs one basic PDO query, so it will take hardly any resources at all.
Thank you for any help you can provide!
Sincerely,
Elijah
I use a service called Mailgun to handle sending emails from my domain (smbeadna.x10host.com). It also has a nice feature where it can automatically run a script when I receive a certain type of email— I've set it up so when Mailgun identifies a recieved email as matching the filters I've defined, it sends a POST request to a link I've defined (smbeadna.x10host.com/user_paid.php), including the email data as POST variables. It worked yesterday. However, today, its requests are being marked as 403 Forbidden, despite me having correct permissions (644) on the user_paid.php and all files which are included from it. I have not touched any .htaccess files, and besides it was working yesterday. Even today, when I test it myself by constructing my own POST variables and sending a POST request to smbeadna.x10host.com/user_paid.php, it works perfectly.
x10 states that the only other reason I might get a "403 Forbidden" error is: "Your request might be being blocked by mod_security because it looks suspicious." This makes a lot of sense to me that an automated POST request made by a third-party service (Mailgun) would look suspicious. However, in this case it is not. Would you be able to whitelist these requests? I would be extremely grateful. Mailgun should only call this script (at most) a couple of times a day, and the script itself simply runs one basic PDO query, so it will take hardly any resources at all.
Thank you for any help you can provide!
Sincerely,
Elijah
