XF 2.0 Can't save Javascript into PAGE_CONTAINER (403 Error)

[rockstarmind]

Hey guys,

I can't get this script into my Xenforo install. It's a live chat widget called Customerly (like Intercom).

I keep getting a 403 error (see error below) when I try pasting any <script> before the </body> tag of PAGE_CONTAINER.

How should I fix this?

Thanks so much,

Steve


jquery-3.2.1.min.js?_v=d25406a2:4 POST https://www.rockstarmind.com/jamspace/admin.php?templates/page_container.1323/save 403 (Forbidden)
send @ jquery-3.2.1.min.js?_v=d25406a2:4
ajax @ jquery-3.2.1.min.js?_v=d25406a2:4
ajax @ core-compiled.js?_v=d25406a2:41
(anonymous) @ core-compiled.js?_v=d25406a2:178
setTimeout (async)
submit @ core-compiled.js?_v=d25406a2:178
(anonymous) @ core-compiled.js?_v=d25406a2:70
dispatch @ jquery-3.2.1.min.js?_v=d25406a2:3
q.handle @ jquery-3.2.1.min.js?_v=d25406a2:3
core-compiled.js?_v=d25406a2:43 PHP: <html style="height:100%"><head><META NAME="ROBOTS" CONTENT="NOINDEX, NOFOLLOW"><meta name="format-detection" content="telephone=no"><meta name="viewport" content="initial-scale=1.0"><meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1"></head><body style="margin:0px;height:100%"><iframe src="/_Incapsula_Resource?CWUDNSAI=20&xinfo=12-18079830-0%20NNNN%20RT%281547493315147%2030007%29%20q%280%200%20-1%20-1%29%20r%283%20-1%29%20B15%281%2c3%2c31%29%20U6&incident_id=1228000020022852685-61610129120559148&edet=15&cinfo=010000004d3c" frameborder=0 width="100%" height="100%" marginheight="0px" marginwidth="0px">Request unsuccessful. Incapsula incident ID: 1228000020022852685-61610129120559148</iframe></body></html>
defaultAjaxError @ core-compiled.js?_v=d25406a2:43
t @ core-compiled.js?_v=d25406a2:40
i @ jquery-3.2.1.min.js?_v=d25406a2:2
fireWith @ jquery-3.2.1.min.js?_v=d25406a2:2
A @ jquery-3.2.1.min.js?_v=d25406a2:4
(anonymous) @ jquery-3.2.1.min.js?_v=d25406a2:4
load (async)
send @ jquery-3.2.1.min.js?_v=d25406a2:4
ajax @ jquery-3.2.1.min.js?_v=d25406a2:4
ajax @ core-compiled.js?_v=d25406a2:41
(anonymous) @ core-compiled.js?_v=d25406a2:178
setTimeout (async)
submit @ core-compiled.js?_v=d25406a2:178
(anonymous) @ core-compiled.js?_v=d25406a2:70
dispatch @ jquery-3.2.1.min.js?_v=d25406a2:3
q.handle @ jquery-3.2.1.min.js?_v=d25406a2:3

 

[Paul B]

Most likely mod security.

Contact your host and they will be able to resolve it.

 

[rockstarmind]

Thanks Brogan. I thought it might be that too. Support tried to fix it, but it still didn't save. Maybe it's the wrong file they gave permissions to modify.

Am I even doing this correctly? I go to Templates and then Page_Container and try to add the Javascript before the closing </body> tag?

 

[Paul B]

It's not your edit that's at fault - it's mod security blocking it.

Your host will need to identify which rules are being triggered and implement whitelisting.

I've been through it a few times in the past few weeks and it can sometimes take hosts a few attempts to get it.

 

[rockstarmind]

Thanks man...really appreciate your help! Is it just for adding code and modifying backend stuff like this that I'll run into mod security errors? Or will it happen even when users are using the forum?

 

[rockstarmind]

Man, Bluehost couldn't solve it....they whitelisted everything they could find.

Is there any other way to get this script into Xenforo? If I could find the file on my server, can't I manually add it to that file? Or is that impossible?

 

[Paul B]

It needs to be resolved at the server level.

Tell the host to disable mod sec completely.

If that doesn't resolve it, I could only suggest changing hosts.

 

[rockstarmind]

If the mod security being disabled fixes it, is it something I can keep off? Or is that way too risky?

 

[rockstarmind]

I think SiteLock is actually blocking it....going to check with them now

 

[rockstarmind]

Finally got it working....I had to get SiteLock to whitelist my IP.

Thanks again Brogan

 

[rockstarmind]

Hey @Brogan....everything is working on my FORUMS page. How do I get my Javascript to show up on every page on the entire forum?

I have analytics and a live chat widget that I want users to see the entire time.

Thanks dude!