Home>Support>The word “Having” gives Error 403

The word “Having” gives Error 403

By mattmatt007, 6 years ago. Last reply by Alex S, 6 years ago.
Notice: This thread is over two years old; the information may be outdated. Please consider creating a new thread if you require free support. If you have an active SiteOrigin Premium license, you can email our premium support desk at [email protected].

Unknown how long the issue has been present, as the actions to recreate had not occurred for a very long time.

Inherited a wordpress site for a customer from someone “who was doing it as a hobby” and whilst it isn’t in the best shape css-wise, it does what they need it to

WordPress 5.1.1 running Elle theme. Using Genesis 2.8.1.
PHP 5.6 (tried 7.0 too) on apache w/litespeed (not enabled/caching) on cloudlinux 7.6
Page builder 2.10.2
Widgets bundle 1.15.3

Whilst it’s unknown if it happened prior to WordPress 5 (we created the pages a few years ago and never touched since), the PHP version was updated when WP was, page builder and widgets bundle too – still it occurs.

I’ve disabled all plugins – no difference (disabling page builder obviously fixed it, but that’s not the point)

I then looked at recreating the widgets – maybe something was corrupted in them?.. This is when I narrowed down a sentence “.. and having fun..” and found that the inclusion of the word “having” will result in a 403 on trying to preview a SiteOrigin Editor widget, results in a 403 and no saving upon attempting to save a widget, and if you try to edit a widget containing the word, error 403. Try to save a page with the word in an existing widget from before – error 403.

This happens only when editing the pages/widgets, the front end and the existing mentions of “having” all display fine to the visitor.

Furthermore, characters before “having” such as “behaving” trigger this too however, having-comma “having, ” does not trigger it

having – 403
having, – 200
behaving – 403
behaving, – 200
havin – 200
aving – 200
have – 200

To replicate:
goto Posts – Edit one with siteorigin editor – add row – add siteorigin editor widget – type ‘having’ – click preview .. you get 403.
-or-
try to edit an existing siteorigin editor widget that has the word in.

Please could someone kindly offer any advice/assistance?

Thanks,
Matt

This is our free support forum. Replies can take several days. If you need fast email support, please purchase a SiteOrigin Premium license.

  1. 6 years, 3 months ago Alex S
    Hi, I Work Here

    Hi Matt,

    This is a really strange issue. I’m unable to replicate this issue, but I think I know what the cause is. Please reach out to your hosting provider and ask if mod_security (or an equivalent) is enabled and if they have any records of you getting blocked. You may need to provide them with an account so they can work out how to resolve the issue with their rule.

    Typically this sort of issue occurs when there’s an overly vague rule is present.

  2. 6 years, 3 months ago mattmatt007

    You are absolutely right – I had not thought to check that. With the option to turn it off in cPanel, it immediately worked.

    So I’m onto the webhost to confirm the mod_security rules. (I can see on my own VPS a search for ‘having’ in Mod_security rules brings back results due to the ‘HAVING’ injection attacks so maybe this is it.)

    Thank you

  3. 6 years, 3 months ago Alex S
    Hi, I Work Here

    Hi Matt,

    Awesome! I’m really happy that was able to point you in the right direction. Best of luck working out the relevant rule and adjusting it to prevent this sort of issue.

    Please be sure to post another thread if you have any other questions.

Replies on this thread are closed. Please create a new thread if you have a question, or purchase a SiteOrigin Premium license if you need one-on-one email support.

Get The Most Out of SiteOrigin with SiteOrigin Premium

Find Out More