MinimServer Forum
403 error when posting - Printable Version

+- MinimServer Forum (https://forum.minimserver.com)
+-- Forum: MinimServer (/forumdisplay.php?fid=1)
+--- Forum: Administration (/forumdisplay.php?fid=5)
+--- Thread: 403 error when posting (/showthread.php?tid=6850)



403 error when posting - simoncn - 27-02-2023 16:48

Occasionally you might get a 403 error when attempting to post to the forum. The error page looks like this:

[attachment=2887]

If you get this, don't panic and don't close your browser tab. Instead, press the browser back button and copy and paste the text of your post somewhere safe. It is very likely that a small edit or edits to your post will allow it to be posted to the foum.

This error is not caused by anything you have done wrong. The hosting provider for the MinimServer forum uses security software that filters all posts for suspicious content that might be an attempt to damage the MinimServer forum or website in some way.

There is no published information on what content triggers this software to block the post (understandably). The purpose of this thread is to provide the opportunity for users to share some of the things they have needed to change in their posts to allow the post to succeed.

For me, this has most often been caused by using a left parenthesis: (

It seems the security software doesn't like this when the parenthesis follows a word such file or system. Using the parenthesis in a smiley can also cause problems depending on what is immediately before it.

You can work around the problem by rewording your post and retrying the Preview button until you don't get the 403 error. However, sometimes it might be difficult to reword without losing the meaning. In these cases, I do the following:

1) Select/highlight the text that is causing the problem, such as the left parenthesis character (only)

2) In the 'Font' drop-down above the window where you enter your text, select Verdana

3) The text you highlighted will now be surrounded by formatting controls to use the Verdana font. This is the default font for the forum, so the text will look identical and the 403 error will not be produced. Click the Preview button to confirm this before you make your post.

Any user who has experienced this is encouraged to post here and share their experience of other words or characters that can trigger this error. This will help other users to find and fix the problem more quickly.


RE: 403 error when posting - lyapounov - 28-02-2023 02:19

c u r l and w g e t are prohibited
Which suprises me as usually, forbidden expression are front offices ones, not back office. For example < s c r i p t >

More surpinsigly, there are tons of web site about sanitization. I don't understand why the hoster of this forum is so nervous ???


RE: 403 error when posting - lyapounov - 28-02-2023 02:21

<script>alert("hello")</script>


RE: 403 error when posting - lyapounov - 28-02-2023 02:27

You see, Simon, I tried to do something very dangerous: run a javascript; but this one is sanitized perfectly


RE: 403 error when posting - simoncn - 28-02-2023 11:26

Website attacks do not usually involve sinmply posting the text of a script to run. They usually involve sending a specially crafted HTTP POST command that includes an unusual sequence of characters that fools the web server into thinking that text following the sequence of characters is a script to be run.

The security filtering is done at this lower level of HTTP requests and is not specific to the MinimServer forum software (which might or might not be well protected against attacks). The filtering is applied to prevent damage caused by attacks on any software that might have security vulnerabilities.

Because the filtering software doesn't know what is running on top of it, it is over-cautious and filters things in MinimServer forum posts that don't need to be filtered.

I cannot adjust the filtering. I don't even know exactly what is being filtered. My only option is to completely disable all filtering. If I do this, my hosting provider has informed me that it is at my own risk and they cannot be responsible for any damage that might occur as a result or doing this.