XF 1.5 Server error 403 on Multi-quote

[dknife]

Had this problem for awhile but actually resolved this with my host today, thought I'd post my findings in case someone else had the issue. I would get a 403 error when:

1. Added a post to multi-quote using Quote+ button that contained a blank line between 2 or more lines of text and only then
2. Tried to Insert that quote in the Quick Reply field at the bottom of the thread
3. Modal popup would contain generic server 403 content and fail

This did not occur at all on the xenforo.com forum but failed on my own install 100% of the time irrespective of the theme used.

Turning off ModSecurity in my CPanel resolved the issue but today I troubleshooted with my host and they found it violated a specific rule #330094, which seems to indicate a user-agent violation, possible faking.

Source thread I used for testing, specifically using the 2nd post which had the blank line between my 2 lines.

 

[Mike]

We don't change the user agent, so if a user agent-related rule is being triggered, it seems like a mistake in the rule. Regardless, that is going to need to be a rule that's whitelisted/ignored.

I've only found a couple very old references to that rule number. The current version of the CRS all seems to use 9xxxxx rule numbers, so it's not from that. (They appear to have an old numbering system, but I don't see any rules starting with 3 in it.)

 

[dknife]

Yeah I had trouble finding references to the rule, and the name of the rule I found I couldn't post here as it would likely be filtered

Just a very weird combination of circumstances that caused the issue but it was 100% reproducible and occurred on my old host as well with mod_sec. Anyway was mainly posting it here to provide some search result content for the issue.