XF 1.1 Permissions Error

[tts]

I recently installed XenForo on my shared hosting account at Liquid Web. Unfortunately, whenever I attempt to perform an action (e.g. post a message, preview a message, modify my profile, etc.) -- anything that sends a POST request -- I get an Apache access denied / forbidden error.

Screenshot: http://cardiactalk.com/screen.png

Any thoughts?

 

[Jake Bunce]

"Forbidden" (403) is a server error. You should contact your host to see if they know anything about it. Also check your server logs if you have access to them. Ideally the logs will have more information.

A 403 error can be the result of bad file / folder permissions on the server. Depending on your server configuration, files are normally 644 and folders 755. But the fact that this only happens with POST requests doesn't make sense to me. There may be some weird server rules at play here. Your host might know something about this.

 

[tts]

Thanks for your thoughts. I was thinking the same thing. This is at Liquid Web -- appears to be something weird with their mod_sec filters for shared hosting accounts.

Looks like the only options are to (a) whitelist every possible page (a long, grueling task), or (b) to upgrade to their VPS w/ less filtering.

 

[tts]

For future reference, I learned that Liquid Web's Shared Hosting is NOT compatible with XenForo out-of-the-box. The platform meets the XenForo requirements, however, Liquid Web enforces strict security policies that prevent it from working properly.

If you experience this problem, you need to create a support ticket with Liquid Web that describes the problem, includes relevant URLs (not all) with the error, and requests for the mod_sec rules to be adjusted to whitelist your domain.

I'd be happy to help anyone navigate this process on their account -- send me a PM.

Trent