403 errors

  • Anointed
    Participant

    @anointed

    When a person clicks the ‘login’ link on the top buddypress bar, when they are in a ‘subsite’ like mypage.mysite.com they get a 403 error on redirect.

    This does not happen on the ‘main’ buddypress website, meaning no subdomain.

    I asked my sysadmin and she said:

    I would guess that this has more to do with your redirect as both actual pages (the page and the page you are referring to) work properly.

    403 typically means that you have a permissions issue with the directory you are accessing.

    It would appear that you are using wordpress so you might find better luck hitting up their forums to see if anyone there would understand it better. Sorry I can’t be more helpful.

    I’m guessing someone has run into this problem before.

    Anyone have an idea of how to attack this problem?

Viewing 2 replies - 1 through 2 (of 2 total)
  • Anointed
    Participant

    @anointed

    Here is the file from my error logs.

    [Thu Jan 29 22:11:54 2009] [error] [client 24.19.248.43] mod_security: Access denied with code 403. Pattern match “\\.php\\?(([a-zA-Z0-9\\-\\_\\.\\[\\]]*)=(http|https|ftp))” at REQUEST_URI [id "6600001"][rev "1"] [msg "Hsphere Rules 1: experimental rule for most php application attacks. Report false positives"] [severity "CRITICAL"] [hostname "support.mysite.net"] [uri "/wp-login.php?redirect_to=http%3A%2F%2Fsupport.mysite.net%2F"] [unique_id "SYJv@sz1K2IAAEkMDOo"]

    Obviously mod_security is stopping this believing it’s an attack.

    One thing I do not want to do is turn off mod_security, as when I look through just today’s logs there are thousands of actual attack attempts. I had no idea I was such a target already…

    Is there a way to add exception rules to mod_security?

    Or is there a better way to do this so I can use wordpressmu with buddypress?

    shawnkhall
    Member

    @shawnkhall

    Since the rule itself has the annotation

    [msg "Hsphere Rules 1: experimental rule for most php application attacks. Report false positives"]

    …I’d contact Hsphere and report it as a false positive.

    Though as a security precaution, this should be changed within BP, too.
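
Why the logged rule fired on this login redirect, and what a host-aware check looks like by comparison, as an added example that is not part of the thread and is not Hsphere, mod_security or BuddyPress code. It is plain Python rather than a mod_security rule; the function names, the `mysite.net` site domain and the three extra URIs are assumptions constructed for illustration.

```python
import re
from urllib.parse import parse_qsl, urlsplit

# Pattern from the log entry in the thread; the log's doubled backslashes are
# written here as single ones.
HSPHERE_RULE = re.compile(r"\.php\?(([a-zA-Z0-9\-\_\.\[\]]*)=(http|https|ftp))")

# REQUEST_URI copied from the same log entry.
LOGGED_URI = "/wp-login.php?redirect_to=http%3A%2F%2Fsupport.mysite.net%2F"

# Constructed samples (not from the thread) for comparison.
OFFSITE_URI = "/index.php?page=http%3A%2F%2Fother.example%2Fx.txt"
LOOKALIKE_URI = "/wp-login.php?redirect_to=http%3A%2F%2Fmysite.net.other.example%2F"
USERINFO_URI = "/wp-login.php?redirect_to=http%3A%2F%2Fsupport.mysite.net%40other.example%2F"


def rule_fires(request_uri):
    """True if the logged pattern matches the raw REQUEST_URI."""
    return HSPHERE_RULE.search(request_uri) is not None


def is_same_site(hostname, site_domain):
    """True for site_domain itself or any of its subdomains."""
    hostname, site_domain = hostname.lower().rstrip("."), site_domain.lower()
    return hostname == site_domain or hostname.endswith("." + site_domain)


def offsite_url_params(request_uri, site_domain):
    """Names of query parameters whose decoded value is an absolute
    http/https/ftp URL pointing outside site_domain."""
    flagged = []
    query = urlsplit(request_uri).query
    for name, value in parse_qsl(query, keep_blank_values=True):
        target = urlsplit(value)
        if target.scheme not in ("http", "https", "ftp"):
            continue
        if not is_same_site(target.hostname or "", site_domain):
            flagged.append(name)
    return flagged


if __name__ == "__main__":
    for uri in (LOGGED_URI, OFFSITE_URI, LOOKALIKE_URI, USERINFO_URI):
        print(rule_fires(uri), offsite_url_params(uri, "mysite.net"), uri)
```

The pattern matches all four URIs because it only looks for a parameter value starting with a URL scheme; the host-aware check passes the logged same-site redirect and flags the other three.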
