[RESOLVED] Forbidden

Printable View

May 25th, 2009, 04:22 AM
Slyke

[RESOLVED] Forbidden

This is sort of an Apache problem, but it's to do with a PHP script, so here goes.

I'm developing an application for myspace, using an iFrame.

A parameter is passed to my script:

PHP Code:

index.php?something=http%3A%2F%2Fwww.myspace.com%2F

Edit:
The "&# 37;" Shouldn't be in there, I don't know why it's showing up when I post? It doesn't when I edit this post. It should be a "%" instead.

This, for some reason causes a forbidden message:

Quote:

Forbidden

You don't have permission to access /index.php on this server.

Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.

I'm using a reseller account at hostgator to host my files. Every domain that I'm hosting causes this error when I try to navigate to it with another URL in the query string, as a data piece, but it doesn't do this for other domains.

A URL must be passed to the script cause it's how myspace contacts my script in the iFrame.

Would anyone know any reason why it's doing this? I've never touched any PHP or Apache setting in WHM or cPanel.

Any URL passed in the query string causes this message.

PHP Code:

index.php?something=www.myspace.com%2F

Works

PHP Code:

index.php?something=http%3A%2F%2Fwww.myspace.com%2F

Fails.

It does this even with an empty index.php file. I have no htaccess files or anything else that could cause this either. It does it across multiple domains, but only ones that I'm hosting?
May 25th, 2009, 06:00 AM
kows

Re: Forbidden

I don't think this has anything to with Apache.

what code are you using to create/retrieve this query string/URL in the first place?
May 25th, 2009, 07:22 AM
Slyke

Re: Forbidden

None, it does it even on an empty index.php file (or any php file for that matter).
May 25th, 2009, 09:03 AM
Slyke

Re: Forbidden

Googleing has resulted in This Find.

I will try it tomorrow, too tired now, but please if you have other ideas, place them on the table :).

Edit:
Here's Another, apparently it's a security setting my host has set.

Quote:

RewriteEngine on
AllowEncodedSlashes On

Gives me Internal Server Error. I'll submit a ticket and post my findings here :).
May 25th, 2009, 07:57 PM
Slyke

Re: Forbidden

Yep, It was a host security setting. I told hostgator about it and they said it was "Mod_Sec" and it has to be disabled per domain.

Thanks for your help though!
Sep 25th, 2011, 04:36 PM
adamm83

Re: [RESOLVED] Forbidden

I know this thread is old, but I came across it from a google search after I encountered the same problem on my HostGator hosting account.

It is apparently a Mod_security error acording to the tech support agent, but you can request them to disable it for your domain. For other people encountering this issue on HostGator, the tech support agent said to ask them to whitelist [id = "1234234"] for your domain. That should speed things up