Jump to content

Question

Posted

When I was trying to CREATE "Departments" within Blesta, I kept running into a "403 Forbidden Error" when I would try to save my work.

 

I found a significant reason and solution to this issue...

** MOSTLY RESOLVED ** :)

 

==============================

 

After taking a look at...

https://www.blesta.com/forums/index.php?/topic/5799-creating-support-department-issue/#comment-40873

 

And then going to...

http://www.wpbeginner.com/wp-tutorials/how-to-fix-the-403-forbidden-error-in-wordpress/ 

 

Where it says,

  Quote

 

"The most common cause for the 403 Forbidden error in WordPress is due to poorly configured security plugins. Many WordPress security plugins can block an IP address (or a whole range of IP addresses) if they believe them to be malicious.

This is why we use Sucuri to improve security of all our WordPress sites.

Another possible cause could be a corrupt .htaccess file or incorrect file permissions on your server.

Your WordPress hosting company can sometimes make accidental changes to their server settings. This may result in 403 Forbidden error on your site " .

 

Expand  

 

NOTE : If you read further down in the article it gives different solutions to resolve this 403 issue.

 

=========================

 

As for myself, I found that the issue appears to be originating from the plugins folder of the WordPress Installation that is under the same domain name.

It seems that one of the "WordFence" security plugin in the WordPress installation is affecting the Host / Billing software. Even though the Host / Billing software is installed in a sub-folder.

The "WordFence" security plugin can be obtained at https://wordpress.org/plugins/wordfence/

 

===========

 

As an experiment...

1) - I used SFTP to access the WordPress plugins folder at " /public_html/wp-content/plugins/wordfence " and changed it to " /public_html/wp-content/plugins/wordfence (OFF) ".

2) - After I did this, I went to the Host / Billing software at Support - - > Departments - - > Add Department icon - - > clicked on "Add Department" button once I was done.

3) - And now, I have access WITHOUT the 403 Forbidden Error.

 

==========

 

1) - So then I changed the plugin name back to its original state " /public_html/wp-content/plugins/wordfence ".

2)- I then logged into the WordPress Admin and went to the "Word Fence" - -> Option - -> Other Options - -> Whitelisted IP addresses that bypass all rules: settings.

3) - And then inserted my IP Address to the whitelist and saved.

4) - This appeared to work.

5) - Then I went back and DELETED my IP Address from the whitelist in WordFence

6) - Amazingly, I STILL have access to the Host / Billing software at Support - - > Departments - - > Add Department icon and was able to add or edit the department. :)

 

============

 

IN SUMMARY...

My best guess is that the "WordFence Security plugin" in WordPress is writing something to the WordPress .htaccess file which was affecting the Host / Billing software that is installed in my sub-directory.

 

==========

 

So it appears that this issue "IS RESOLVED" for the most part

BUT just curious to know if there is a way to ...

1) - get the web server's Mod_Security rule to ignore what the WordPress "WordFence" plugin is doing concerning my access to the "Departments" page of the Host / Billing installation ?

2) - get WordPress .htaccess in the root domain for Wordpress to ignore my access to the "Departments" page of the Host / Billing installation ?

==========

Hope this help everyone

Look forward to your reply.

Thanks in advance.

7 answers to this question

Recommended Posts

  • 0
Posted

I highly recommend running Blesta separately from Wordpress, on it's own VPS at a subdomain if possible. The security issues prevalent with Wordpress make your customer data in Blesta less secure when under the same account.

  • 0
Posted

Please check your email.

"BLESTA - Found 3 Issues in BETA 4.03 " I sent it around 12:40 AM PST

I addressed that we are having issues creating a sub-domain BOTH in AND outside of the "public_html" folder.

The website just keep looping as it is loading.

Really weird.

  • 0
Posted
  On 10/28/2016 at 3:26 PM, turner2f said:

Please check your email.

"BLESTA - Found 3 Issues in BETA 4.03 " I sent it around 12:40 AM PST

I addressed that we are having issues creating a sub-domain BOTH in AND outside of the "public_html" folder.

The website just keep looping as it is loading.

Really weird.

Expand  

Please post beta bugs in the beta bug forum - https://www.blesta.com/forums/index.php?/forum/37-bugs/

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
×
×
  • Create New...