This thread is over two years old and may be outdated. Please create a new thread if you need help, or email us if you have an active Premium license.

Error 403 when creating a button linking to pdf file

Open 1 reply bug-reportpluginplugin-page-builder
plitwin
6 years ago · Last reply by SiteOrigin 6 years ago

Hello,
I experienced a problem on one of the customer’s site recently. I tried to add a new post with Page Builder and two widgets: Editor + Button.
Button was supposed to link to pdf file, but when I try do publish the new post I get the error 403.

[Thu Jun 06 13:54:46.155480 2019] [:error] [pid 28:tid 140204199356160] [client 194.181.252.78:52529] [client 194.181.252.78] ModSecurity: Access denied with code 403 (phase 2). Pattern match "http://[a-zA-Z0-9._]{1,}?/.{0,}?\\.pdf\\b[^\\n\\r]{0,}#" at ARGS:panels_data. [file "/usr/share/waf/09_Global_Other.conf"] [line "21"] [id "211050"] [rev "1"] [msg "COMODO WAF: Universal PDF XSS URL Detected.||||2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.mydomain"] [uri "/wp-admin/admin-ajax.php"] [unique_id "XPj-Bqv34OrCqnvJli15GwAAAAU"], referer: http://mydomain/wp-admin/post-new.php

It seems that server recognizes button as a potential threat, but when I create normal url leading to pdf everything works just fine.
I saw couple of threads refering to 403 error issue, but none of them seemed similar to mine.

This is our free support forum. Replies can take several days.

Need fast email support? Get SiteOrigin Premium

Replies

1
  1. SiteOrigin 6 years, 8 months ago

    Hi, thanks for posting.

    Unfortunately, there isn’t anything we’re able to do from our end. Please, reach out to hosting support and ask them if they can check ModSecurity logs and perhaps resolve this false positive issue.

Replies on this thread are closed.

Please create a new thread if you have a question, or purchase a SiteOrigin Premium license if you need one-on-one email support.

Have a different question or issue?

Start New Thread