This thread is resolved. Here is a description of the problem and solution.
Problem:
403 Forbidden err on new cust. posts for UPDATE in Wordpress EDIT (QUICKEDIT OK)
Solution:
Please try to follow the basic debug steps.
You can find the proposed solution in this case with the following reply:
=> https://toolset.com/forums/topic/403-forbidden-err-on-new-cust-posts-for-update-in-wordpress-edit-quickedit-ok/#post-1243898
Relevant Documentation:
https://toolset.com/documentation/programmer-reference/debugging-sites-built-with-toolset/#php-debugging
This is the technical support forum for Toolset - a suite of plugins for developing WordPress sites without writing PHP.
Everyone can read this forum, but only Toolset clients can post in it. Toolset support works 6 days per week, 19 hours per day.
| Sun | Mon | Tue | Wed | Thu | Fri | Sat |
|---|---|---|---|---|---|---|
| - | 10:00 – 13:00 | 10:00 – 13:00 | 10:00 – 13:00 | 10:00 – 13:00 | 10:00 – 13:00 | - |
| - | 14:00 – 18:00 | 14:00 – 18:00 | 14:00 – 18:00 | 14:00 – 18:00 | 14:00 – 18:00 | - |
Supporter timezone: Asia/Kolkata (GMT+05:30)
This topic contains 5 replies, has 2 voices.
Last updated by 5 years, 5 months ago.
Assisted by: Minesh.
Here is the 403 error I've been getting in the server log:
[Wed May 15 12:22:06.589138 2019] [:error] [pid 9078:tid 140650842416896] [client 24.85.233.146:47142] [client 24.85.233.146] ModSecurity: [file "/etc/httpd/conf/modsecurity.d/rules/tortix/modsec/50_plesk_basic_asl_rules.conf"] [line "258"] [id "33350147"] [rev "143"] [msg "Protected by Atomicorp.com Basic Non-Realtime WAF Rules: Potentially Untrusted Web Content Detected"] [data "/wp-admin/post.php"] [severity "CRITICAL"] Access denied with code 403 (phase 2). Match of "rx ((?:submit(?:\\\\+| )?(request)?(?:\\\\+| )?>+|<<(?:\\\\+| )remove|(?:sign ?in|log ?(?:in|out)|next|modifier|envoyer|add|continue|weiter|account|results|select)?(?:\\\\+| )?>+)$|^< ?\\\\??(?: |\\\\+)?xml|^<samlp|^>> ?$)" against "ARGS:meta[13448][value]" required. [hostname "mr.math.ca"] [uri "/wp-admin/post.php"] [unique_id "XNxm3vs8QN@eTS8TQe-n3gAAAYI"], referer: hidden link
I updated Types plugin. Still got a 403 update error from the post.
I trashed the post that was causing the 403 (it had a slug called 'test' which may not have been unique enough, I don't know) and successfully added and updated a new post. I'm trying to see if I can reproduce the 403 problem again.
There were also MULTIPLE warnings in the log referring to a wp-config line 56 (see attached image):
[Wed May 15 12:22:31.662035 2019] [proxy_fcgi:error] [pid 349:tid 140650775275264] [client 24.85.233.146:47700] AH01071: Got error 'PHP message: PHP Warning: Use of undefined constant \xe2\x80\x98WP_MEMORY_LIMIT\xe2\x80\x99 - assumed '\xe2\x80\x98WP_MEMORY_LIMIT\xe2\x80\x99' (this will throw an Error in a future version of PHP) in /var/www/vhosts/mr.math.ca/httpdocs/wp-config.php on line 56\nPHP message: PHP Warning: Use of undefined constant \xe2\x80\x98256M\xe2\x80\x99 - assumed '\xe2\x80\x98256M\xe2\x80\x99' (this will throw an Error in a future version of PHP) in /var/www/vhosts/mr.math.ca/httpdocs/wp-config.php on line 56\n', referer: hidden link
line 56 define('NONCE_SALT', 'wI,85SZ|>>jnSUX=`&sB),4sfjot=l+f>~:+WzkEI!3Ls]<)W$+Ft%pr-a^pd)CX');
line 57 define(‘WP_MEMORY_LIMIT’, ‘256M’); - am I using the wrong apostrophe here? looks like it???? - i'll change it
line 58 define( 'WP_MAX_MEMORY_LIMIT', '512M' );
I thought these were legitimate statements? Apparently not? The server lists the php default at only 128M so I've asked my provider to update php memory limit to 512M as well.
I haven't heard yet if MBString mobule is enabled. I'll let you know.
Haven't enabled the WP Debug yet. Is that necessary given the log file?
many thanks!
