403 forbidden error after installing mod_security [closed]

Question

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.

---

Want to improve this question? Update the question so it's on-topic for Stack Overflow.

Closed 7 years ago.

Improve this question

I have installed mod_security & created some rules for exception for my domain. However I am still facing 403 forbidden error for some of my scripts.

I have a php file named myajax.php which contains all codes which we call through java script ajax.I was not able to access some of the codes, however tracing the id from logs of mod_security.

I have modified the rules in mod_security.conf and used SecRuleRemoveById for those ID's. In some cases, I am not able to access php codes and there is no ID found in mod_security logs for the same.

Answer 1

403 Forbidden error is generally an issue with the http. Try installing the latest mod-security for your server. I was facing a similar issue for which I had to increase SecPcreMatchLimit 150000 SecPcreMatchLimitRecursion 150000 paramaters in modsecurity conf file. As I was using older version this did not work. For this you need to atleast have the 2.6 version. Hope this resolves your issue.