Apache 403 Error
Hi,
I'm getting an Apache 403 error, screenshot attached, when trying to save or preview (screenshot displays what happens when it's a preview).
I tried to get in contact with the host to whitelist the rule that was getting triggered; however, they can't do this.
The Apache error is:
Message: [client 112.140.180.138] mod_security: Access denied with code 403, [Rule: 'ARGS|ARGS_NAMES|!ARGS:q|!ARGS:/^textarea-video/|!ARGS:leirro|!ARGS:lomake|!ARGS:vastaus|!ARGS:vraag|!ARGS:qti_data|!ARGS:tracklist|!ARGS:i_google|!ARGS:code_area_text|!ARGS:/log_code/|!ARGS:/^ADVERT_/|!ARGS:UserData|!ARGS:areas|!ARGS:templatecode|!ARGS:/prevObject/|!ARGS:/replaceAll/|!ARGS:/insertBefore/|!ARGS:/insertAfter/|!ARGS:/prependTo/|!ARGS:/appendTo/|!ARGS:/mapcode/|!ARGS:googleCode|!ARGS:/sidebar/|!ARGS:/ad_code/|!ARGS:/^recipient/|!ARGS:optional_head|!ARGS:/^form/|!ARGS:/^var_value/|!ARGS:variable_data|!ARGS:/^instance/|!ARGS:/customfield/|!ARGS:notice|!ARGS:/formcode/|!ARGS:/ajax/|!ARGS:all|!ARGS:allowedTags|!ARGS:/google_analytics/|!ARGS:/widget/|!ARGS:ad_code|!ARGS:/keycaptcha_code/|!ARGS:/jscode/|!ARGS:postcontents|!ARGS:/adsense/|!ARGS:video1|!ARGS:/updateAds/|!ARGS:map|!ARGS:gmapcode|!ARGS:/^Sidebar/|!ARGS:/^wpTextbox/|!ARGS:paragrafo|!ARGS:/question/|!ARGS:/style/|!ARGS:tracking_code|!ARGS:whats-new|!ARGS:analyticscode|!ARGS:top_news|!ARGS:data[config]|!ARGS:fulltext|!ARGS:introtext|!ARGS:offertext|!ARGS:block|!ARGS:livezillacode|!ARGS:/embed/|!ARGS:/desc/|!ARGS:/script/|!ARGS:/^p_process_chats/|!ARGS:obj_itop|!ARGS:/cms/|!ARGS:eventDescription|!ARGS:/^product/|!ARGS:match_report|!ARGS:eip_value|!ARGS:/^usergroup/|!ARGS:sendDescription|!ARGS:email_id|!ARGS:obj_itop|!ARGS:sml_prt_1|!ARGS:pay_inst_1|!ARGS:/^jform/|!ARGS:phpcode|!ARGS:intro|!ARGS:Snippet|!ARGS:oid|!ARGS:Submit2|!ARGS:/^obj_/|!ARGS:layout|!ARGS:pageset|!ARGS:contact_form_information|!ARGS:/^site_/|!ARGS:/^translations/|!ARGS:create_tables|!ARGS:insertfile|!ARGS:video_credits|!ARGS:input[Desarrollo]|!ARGS:move2|!ARGS:hoperation|!ARGS:login_form|!ARGS:/product_benefits/|!ARGS:/custom_code/|!ARGS:arg2|!ARGS:resumoDetalhe|!ARGS:bbcode_tpl|!ARGS:Right_photo_1|!ARGS:embedVideo|!ARGS:/^K2ExtraField/|!ARGS:mentorhelp|!ARGS:/submitcode/|!ARGS:beschrijving|!ARGS:custombannercode|!ARGS:bannercode|!ARGS:privatecapa
city|!ARGS:diz|!ARGS:FormLayout|!ARGS:/^fck/|!ARGS:parent_name|!ARGS:/^code_tscript/|!ARGS:_qf_Group_next|!ARGS:project_company|!ARGS:categories_title|!ARGS:antwoord|!ARGS:project_company|!ARGS:signature|!ARGS:paepdc|!ARGS:tpl_source|!ARGS:teaser_js|!ARGS:/^autoDS/|!ARGS:FrmSide|!ARGS:mainKeywords|!ARGS:/VB_announce/|!ARGS:guardar|!ARGS:/serendipity/|!ARGS:omschrijving|!ARGS:resolution|!ARGS:newyddionc|!ARGS:bericht|!ARGS:property_copy|!ARGS:/^outpay/|!ARGS:bedrijfsprofiel|!ARGS:s_query|!ARGS:finish_survey|!ARGS:photolater|!ARGS:ticket_response|!ARGS:/element/|!ARGS:option[vbpclosedreason]|!ARGS:/introduction/|!ARGS:/contenido/|!ARGS:/sql/|!ARGS:query|!ARGS:c_features|!ARGS:/tekst/|!ARGS:embeddump|!ARGS:other_clubs|!ARGS:/^elm/|!ARGS:/^saes/|!ARGS:dlv_instructions|!ARGS:/^cymr/|!ARGS:_qf_Register_upload|!ARGS:/^elm/|!ARGS:verbiage|!ARGS:news|!ARGS:/^wz/|!ARGS:tiny_vals|!ARGS:sSave|!ARGS:/article/|!ARGS:/about/|!ARGS:/Summarize/|!ARGS:/^product_options/|!ARGS:/SiteStructure/|!ARGS:/anmerkung/|!ARGS:/summary/|!ARGS:/edit/|!ARGS:reply|!ARGS:/story/|!ARGS:resource_box|!ARGS:navig|!ARGS:preview__hidden|!ARGS:/page/|!ARGS:order|!ARGS:/post/|!ARGS:youtube|!ARGS:reply|!ARGS:business|!ARGS:/homePage/|!ARGS:pagimenu_inhoud|!ARGS:/note/|!ARGS:Post|!ARGS:/^field_id/|!ARGS:area|!ARGS:/detail/|!ARGS:/comment/|!ARGS:LongDesc|!ARGS:ta|!ARGS:Returnid|!ARGS:busymess|!ARGS_NAMES:/^V\*/|!ARGS_NAMES:/^S\*/|!ARGS:/^quickrise_advertise/|!ARGS:rt_xformat|!ARGS:/wysiwyg/|!ARGS:contingut|!ARGS:/^werg/|!ARGS:/body/|!ARGS:/css/|!ARGS:/^section/|!ARGS:/msg/|!ARGS:t_cont|!ARGS:/^doc/|!ARGS:/xml/|!ARGS:tekst|!ARGS:formsubmit|!ARGS:invoice_snapshot|!ARGS:submit|!ARGS:/message/|!ARGS:/html/|!ARGS:/content/|!ARGS:/footer/|!ARGS:/header/|!ARGS:/footer/|!ARGS:/link/|!ARGS:text|!ARGS:/txt/|!ARGS:/refer/|!ARGS:/referrer/|!ARGS:/template/|!ARGS:/ajax/' '(?:< ?script|(?:<|< ?/)(?:(?:java|vb)script|about|applet|activex|chrome)|< ?/?i?frame|\%env)'] [ID "340147"] [Msg "Atomicorp.com WAF Rules: Potential 
Cross Site Scripting Attack"] [severity "CRITICAL"] [MatchedString "
Apache Error ID: [ID "340147"]
Don't really understand how it's flagging an XSS attack, when it's on the same domain.
Is this something you can patch into your next version or identify what is causing this?
Whitelisting Apache IDs isn't a great way to deal with it as web servers become more and more sensitive, so I was hoping you might have a patch or code fix. If I can get more information for you, I'm more than happy to help.
help.dimsemenov.com
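The logged rule can be replayed offline to see which submitted field trips it and why the page's own domain plays no part in the match. This is an added example, not part of the original post or of the Atomicorp rule set: the regex is the one in the log line, the exclusion list is an abbreviated subset of the logged one, the form fields are constructed, and it assumes values are matched without any prior transformation.

```python
import re

# Regex copied from the logged rule (second quoted string in the log line).
XSS_PATTERN = re.compile(
    r"(?:< ?script|(?:<|< ?/)(?:(?:java|vb)script|about|applet|activex|chrome)"
    r"|< ?/?i?frame|\%env)"
)

# Abbreviated subset of the logged target list (the real list is far longer).
TARGETS = "ARGS|ARGS_NAMES|!ARGS:q|!ARGS:/^wpTextbox/|!ARGS:/content/|!ARGS:/html/|!ARGS:text|!ARGS:/message/"

def parse_exclusions(targets):
    """Split the '!ARGS:' entries into exact names and /regex/ name selectors."""
    exact, regexes = set(), []
    for item in targets.split("|"):
        if not item.startswith("!ARGS:"):
            continue
        sel = item[len("!ARGS:"):]
        if len(sel) > 1 and sel.startswith("/") and sel.endswith("/"):
            regexes.append(re.compile(sel[1:-1]))
        else:
            exact.add(sel)
    return exact, regexes

def is_inspected(name, exact, regexes):
    """A parameter value is inspected unless its name is excluded."""
    return name not in exact and not any(r.search(name) for r in regexes)

def blocked_fields(form, targets=TARGETS):
    """Return {field name: matched string} for fields that would trigger the rule."""
    exact, regexes = parse_exclusions(targets)
    hits = {}
    for name, value in form.items():
        match = XSS_PATTERN.search(name)  # ARGS_NAMES: the name itself is checked
        if not match and is_inspected(name, exact, regexes):
            match = XSS_PATTERN.search(value)  # ARGS: the submitted value
        if match:
            hits[name] = match.group(0)
    return hits

# Constructed form submission; field names and values are hypothetical.
SAMPLE_FORM = {
    "title": "Summer gallery",
    "caption_1": '<iframe src="/gallery/embed/1"></iframe>',     # same-site URL, still matches
    "post_content": '<iframe src="/gallery/embed/1"></iframe>',  # excluded by /content/
    "text": '<script src="/js/slider.js"></script>',             # excluded by exact name
}

if __name__ == "__main__":
    print(blocked_fields(SAMPLE_FORM))
```

The rule only looks at the markup inside request parameters, so a relative, same-site iframe in a field whose name is not on the exclusion list is enough to produce the 403.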