I am getting a 403 Forbidden error
There could be a number of reasons why you may be experiencing a 403 Forbidden error. The most common cause is a misconfigured script or a permissions error. You should refer to the README or documentation provided and pay special attention to any CHMOD instructions.
It is also possible that the script is being blocked by our security systems. We run a suite of advanced security systems across our web hosting platform, which include:-
> Intrusion Prevention System – Host Intrusion Prevention System (HIDS), Kernel Intrusion Prevention System, and Web Intrusion Prevention System / Web Application Firewall (WAF)
> Stateful Packet Inspection Firewall
> Malware/Antispam/AntiVirus Protection – Real-time protection, real-time removal system, rootkit signatures and third-party signatures.
> “Just in Time” Virtual Patching – Designed to protect vulnerable web applications (such as Joomla, forum software, etc hosted in the customer environment) that cannot be patched immediately.
> Automatic Self-Healing System – To analyse our systems and then repair, fix and protect when needed, automatically.
> Data Loss Protection and Real-Time Web Content Redaction System - Keeps sensitive, critical customer data – credit cards, account numbers, social security numbers, etc, safe and secure.
These systems allow us to provide significant extra protection to your web-site. For example, we can detect potential attempts to brute force in to your forum admin control panel through sophisticated pattern matching (which means we do not need to know the specifics of how the forum software works for us to provide protection for it). We also detect "slow" brute force attacks, which take place over weeks or months. Within a typical 7 day period across our hosting platform, we detect and taken action on over 250,000 security events, ranging from spam attacks to file injection attacks, SQL injection, attempts to send phishing or virus payloads via email and so on.
The signatures of these systems are updated almost every 10 minutes to protect against the latest potential threats to customer web-sites. On rare occasions, this may result in 'false positives', where a web application (such as a CMS, or forum) carries out an activity that looks very similar to an actual attack. This is sometimes down to poor coding of an application. In these situations, we analyse the payload of the application that triggered the firewall event and send this to our external security company for analysis. On confirming that the intended action is safe, the firewall rules are adjusted.
If you believe your web application is being blocked by our security systems, then we'll need you to open a support ticket and provide us with the following information:-
- The precise date and time you experienced the error (if necessary, carry out the activity again so that you can provide us with an accurate time)
Was this answer helpful?
If you can't access your web-site, the first thing you should do is check our Service Status page...
Powered by WHMCompleteSolution