Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums Using CodeIgniter Model-View-Controller Error FORBIDDEN when inserting HTML Syntax [SOLVED: Upgrade CI Version]
Error FORBIDDEN when inserting HTML Syntax [SOLVED: Upgrade CI Version]
  • Offline andoyoandoyo
    Andoyo (Java Web Media)
  • **
  • Posts: 31
    Threads: 4
    Joined: Jan 2015
    Reputation: 0
#1
09-27-2015, 02:59 PM
(This post was last modified: 06-29-2016, 10:53 PM by andoyoandoyo.)

Dear my friends...

I have a website using Codeigniter 3. There are some form inputs that can contain HTML syntax input to be saved in MySQL Database.
I tested in localhost and it worked fine.

The problems happened when I uploaded to live hosting. Error FORBIDDEN 403 always happen when I try inserting an input contain HTML syntax like iframe, <div> etc.

Please help me to solve this problem.
Reply
  • Offline sampoyigi
    Web Developer
  • **
  • Posts: 22
    Threads: 1
    Joined: Nov 2014
    Reputation: 3
#2
10-04-2015, 05:25 AM

Are you escaping the input data? Just a guess
TastyIgniter - Open Source Restaurant Ordering and Management System
Reply
  • Offline ignitedcms
    IgnitedCMS Developer
  • ****
  • Posts: 505
    Threads: 72
    Joined: Jul 2015
    Reputation: 17
#3
10-07-2015, 02:35 PM

Also check if you have any .htaccess files doing stuff. I remember tearing my hair out as to why my form wasn't submitting properly on my server and in the end found a rouge line inside my .htaccess file on my live server.
Practical guide to IgnitedCMS - Book coming soon, www.ignitedcms.com
Reply
  • Offline phplaw
    Newbie
  • *
  • Posts: 7
    Threads: 0
    Joined: Aug 2015
    Reputation: 1
#4
10-07-2015, 03:40 PM
(This post was last modified: 10-08-2015, 03:06 AM by phplaw.)

Have you ever tried to turn xss filtering config off , if not you can try to turn It off
open config.php, then find this line of config:
Code:
$config['global_xss_filtering'] = TRUE;
Then update the line to this
Code:
$config['global_xss_filtering'] = FALSE;

Hope that can help you resolve the issue.
Reply
  • Offline jinbatsu
    Junior Member
  • **
  • Posts: 14
    Threads: 2
    Joined: Feb 2015
    Reputation: 0
#5
10-09-2015, 04:31 AM

This is not Codeigniter configuration related.
It is related to hosting server configuration.

You can overide using .htaccess :
Code:
<IfModule mod_security.c>
  SecFilterEngine Off
  SecFilterScanPOST Off
</IfModule>

If still error, you should report to your webhosting service.
Good luck.
Reply
  • Offline LordKaos
    Newbie
  • *
  • Posts: 1
    Threads: 0
    Joined: May 2022
    Reputation: 0
#6
05-28-2022, 08:04 AM

Hi!

I've the same, and there are 2 solutions.-

1 - for some people works to add this code to the .htaccess file:
<IfModule mod_security.c>
SecFilterEngine Off
SecFilterScanPOST Off
</IfModule>


2 - in MY case, the issue occurs in the production server because of a security module of Apache (the same before, but the cpanel don't allow the user to mess with that config. So in Namecheap.com servers, thech support enable the feature for us in a pair of minutes, and solved.

I paste here two articles explaining that:

[https://www.namecheap.com/support/knowle...e-need-it/][1]

[https://www.namecheap.com/support/knowle...ty-plugin/][2]


[1]: https://www.namecheap.com/support/knowle...e-need-it/
[2]: https://www.namecheap.com/support/knowle...ty-plugin/
Reply




Theme © iAndrew 2016 - Forum software by © MyBB