Discussion
I'm getting a 403 error when attempting to reply to my reader's car thread:
https://www.pistonheads.com/gassing/topic.asp?h=0&...
I was able to post a reply of a single character no problem but when posting the big reply it gives me 403, it's similar to all my other responses in that it's around a paragraph of text with a small bit of bold formatting, a youtube link and some pictures.
I did have a bit of text in brackets but even after removing that as i thought it might be the SQL Injection thing mentioned above it was still a no-go.
https://www.pistonheads.com/gassing/topic.asp?h=0&...
I was able to post a reply of a single character no problem but when posting the big reply it gives me 403, it's similar to all my other responses in that it's around a paragraph of text with a small bit of bold formatting, a youtube link and some pictures.
I did have a bit of text in brackets but even after removing that as i thought it might be the SQL Injection thing mentioned above it was still a no-go.
Hi Samjeev,
As you've gathered these types of issues do pop up rarely for certain inputs as the firewall we run (to keep the forums secure) can sometimes falsely interpret safe text as malicious. We do plan at some point to make this experience better, but for now it is a known limitation for a small percentage of posts.
That said, you can use the Preview function to gradually isolate the problematic bit in the block of text - e.g. for the text block, start with just the first paragraph and try Preview, if you see 403 you know the bad part exists within there and can go back and further filter it down.
It is a fiddly process, but given the firewall is a managed service and uses an industry standard ruleset to catch security risks, there isn't much else that can be done at the moment (without significant dev effort!).
Alternatively, feel free to post a screenshot of the text that's being blocked, or email info@pistonheads.com and we may be able to shed some light.
Cheers!
As you've gathered these types of issues do pop up rarely for certain inputs as the firewall we run (to keep the forums secure) can sometimes falsely interpret safe text as malicious. We do plan at some point to make this experience better, but for now it is a known limitation for a small percentage of posts.
That said, you can use the Preview function to gradually isolate the problematic bit in the block of text - e.g. for the text block, start with just the first paragraph and try Preview, if you see 403 you know the bad part exists within there and can go back and further filter it down.
It is a fiddly process, but given the firewall is a managed service and uses an industry standard ruleset to catch security risks, there isn't much else that can be done at the moment (without significant dev effort!).
Alternatively, feel free to post a screenshot of the text that's being blocked, or email info@pistonheads.com and we may be able to shed some light.
Cheers!
afrere_ph said:
Hi Samjeev,
As you've gathered these types of issues do pop up rarely for certain inputs as the firewall we run (to keep the forums secure) can sometimes falsely interpret safe text as malicious. We do plan at some point to make this experience better, but for now it is a known limitation for a small percentage of posts.
That said, you can use the Preview function to gradually isolate the problematic bit in the block of text - e.g. for the text block, start with just the first paragraph and try Preview, if you see 403 you know the bad part exists within there and can go back and further filter it down.
It is a fiddly process, but given the firewall is a managed service and uses an industry standard ruleset to catch security risks, there isn't much else that can be done at the moment (without significant dev effort!).
Alternatively, feel free to post a screenshot of the text that's being blocked, or email info@pistonheads.com and we may be able to shed some light.
Cheers!
Sorted it in the end, truthfully i've not a clue what it was as I eventually wittled it down to a single line of text but couldn't figure out what word in that line was causing the issue as it was just all text, no symbols or punctuation. As you've gathered these types of issues do pop up rarely for certain inputs as the firewall we run (to keep the forums secure) can sometimes falsely interpret safe text as malicious. We do plan at some point to make this experience better, but for now it is a known limitation for a small percentage of posts.
That said, you can use the Preview function to gradually isolate the problematic bit in the block of text - e.g. for the text block, start with just the first paragraph and try Preview, if you see 403 you know the bad part exists within there and can go back and further filter it down.
It is a fiddly process, but given the firewall is a managed service and uses an industry standard ruleset to catch security risks, there isn't much else that can be done at the moment (without significant dev effort!).
Alternatively, feel free to post a screenshot of the text that's being blocked, or email info@pistonheads.com and we may be able to shed some light.
Cheers!
Reformatted it and changed some of my wording and it seemed happy with it in the end.
I'm now getting this error when I try to PM someone - they have the link available, I click on it and get the message window, type my message in but when I try to send I get the 403 Forbidden error. Tried several times today. Same browser/OS as I'm using here - macOS High Sierra, Safari v13.1.1
Getting the same issue on my attempt to post on the pihole thread https://www.pistonheads.com/gassing/topic.asp?h=0&...
Have tried from phone, laptop, using Chrome and Edge
Have tried from phone, laptop, using Chrome and Edge
Testing after getting a 403 error today.
EDIT: That's strange, I get a 403 error when trying to reply to the Dune thread in the P&P but not on here.
Further edit: It seems that the "Dune" thread is the only one to which I can't reply. Which is annoying as I saw it last night and it was EPIC!
EDIT: That's strange, I get a 403 error when trying to reply to the Dune thread in the P&P but not on here.
Further edit: It seems that the "Dune" thread is the only one to which I can't reply. Which is annoying as I saw it last night and it was EPIC!
Edited by DRFC1879 on Friday 29th October 10:15
Any ideas why I'm getting this when trying to post a reply? Everything else looks like it's working, I just can't post in a particular topic.
This one: https://www.pistonheads.com/gassing/topic.asp?h=0&...
Weirdly I've been able to post this here no problem.
This one: https://www.pistonheads.com/gassing/topic.asp?h=0&...
Weirdly I've been able to post this here no problem.
Ok, bizarrely it was this sentence: "I can see how that might affect new hires."
I took that out of my reply, replied, then edited it back in which apparently it has no issue with. Slightly janky UX there tbh.
Edit: and even more strangely, it's had no issue with me posting that sentence here at all.
I took that out of my reply, replied, then edited it back in which apparently it has no issue with. Slightly janky UX there tbh.
Edit: and even more strangely, it's had no issue with me posting that sentence here at all.
Getting this error posting something innocuous to the Homes & Gardens forum.
WTF?
Edit:
This is what I was trying to post:
WTF?
Edit:
This is what I was trying to post:
me said:
With the Simplisafe system there are three modes: off, home, away.
Sensor behaviour is configurable for each mode, ie disabled, secret alert [sends an sms/email if triggered, but doesn't trigger the alarm] or alarm.
I had to change round brackets to square brackets to get it to post. The 403 trigger seemed to be Sensor behaviour is configurable for each mode, ie disabled, secret alert [sends an sms/email if triggered, but doesn't trigger the alarm] or alarm.
alarm)
Edited by judas on Wednesday 26th January 10:33
I'm getting it trying to reply to the "enjoying retirement" thread....
Removing the bits I'm quoting, my words are these: no idea what PH is grumbling about here?
"
Bit confused by this!
You are planning to leave the kids around £1M (in todays money) when you pass away? Or have I misunderstood you?
If you assume you'll be early-mid 80s (average life expectancy), how old will your kids be then?
We've tried to help ours start their savings journey, & likely they will get a reasonable chunk when we peg out, but frankly they likely will be in their late 40s or early 50s by then, & perhaps won't have such need for it then.
That sounds totally reasonable. Certainly all we've seen from older relatives is spending drops significantly after 80 (& perhaps also around 65-70).
In a couple, I guess you also need to think if the 'survivor' will be comfortable enough if the first passes earlier....
"
eta - yet weirdly my words are just fine here.
There is definitely something buggy going on!
Removing the bits I'm quoting, my words are these: no idea what PH is grumbling about here?
"
Bit confused by this!
You are planning to leave the kids around £1M (in todays money) when you pass away? Or have I misunderstood you?
If you assume you'll be early-mid 80s (average life expectancy), how old will your kids be then?
We've tried to help ours start their savings journey, & likely they will get a reasonable chunk when we peg out, but frankly they likely will be in their late 40s or early 50s by then, & perhaps won't have such need for it then.
That sounds totally reasonable. Certainly all we've seen from older relatives is spending drops significantly after 80 (& perhaps also around 65-70).
In a couple, I guess you also need to think if the 'survivor' will be comfortable enough if the first passes earlier....
"
eta - yet weirdly my words are just fine here.
There is definitely something buggy going on!
Funk said:
Any ideas why I'm getting this when trying to post a reply? Everything else looks like it's working, I just can't post in a particular topic.
This one: https://www.pistonheads.com/gassing/topic.asp?h=0&...
Weirdly I've been able to post this here no problem.
I've just merged your thread with this one. And to surface Alex's post up from above:This one: https://www.pistonheads.com/gassing/topic.asp?h=0&...
Weirdly I've been able to post this here no problem.
afrere_ph said:
As you've gathered these types of issues do pop up rarely for certain inputs as the firewall we run (to keep the forums secure) can sometimes falsely interpret safe text as malicious. We do plan at some point to make this experience better, but for now it is a known limitation for a small percentage of posts.
That said, you can use the Preview function to gradually isolate the problematic bit in the block of text - e.g. for the text block, start with just the first paragraph and try Preview, if you see 403 you know the bad part exists within there and can go back and further filter it down.
It is a fiddly process, but given the firewall is a managed service and uses an industry standard ruleset to catch security risks, there isn't much else that can be done at the moment (without significant dev effort!).
Alternatively, feel free to post a screenshot of the text that's being blocked, or email info@pistonheads.com and we may be able to shed some light.
Sorry that we can't be any more specific right now but hopefully this is helpful if you get stuck again in future.That said, you can use the Preview function to gradually isolate the problematic bit in the block of text - e.g. for the text block, start with just the first paragraph and try Preview, if you see 403 you know the bad part exists within there and can go back and further filter it down.
It is a fiddly process, but given the firewall is a managed service and uses an industry standard ruleset to catch security risks, there isn't much else that can be done at the moment (without significant dev effort!).
Alternatively, feel free to post a screenshot of the text that's being blocked, or email info@pistonheads.com and we may be able to shed some light.
Hi - I'm getting it on the Books & LIterature section but no where else. Can't preview , can't post. 403 forbidden.
I've posted in there previously
Ahhh - update - got it.
I had to remove "waking gods", and retype it. Bloody odd! (they are books btw)
"Sleeping Gods and Waking Gods"
I've posted in there previously
Ahhh - update - got it.
I had to remove "waking gods", and retype it. Bloody odd! (they are books btw)
"Sleeping Gods and Waking Gods"
Edited by Griffith4ever on Friday 11th November 10:15
Redirected here because the phrase "soak" "and" "sleep" triggers this issue. Not aware of this combination being an obvious trigger for SQL Injection or Cross-Site Scripting but perhaps I'm a bit behind on my security training?
2.5 years of this being a known issue with poor user experience and no fix? Is this a Microsoft 3rd party firewall?!
Raising obvious false positives with the 3rd party sounds sensible? At the very least, improving the error message shown to end users would seem to be a reasonable aim.
2.5 years of this being a known issue with poor user experience and no fix? Is this a Microsoft 3rd party firewall?!
Raising obvious false positives with the 3rd party sounds sensible? At the very least, improving the error message shown to end users would seem to be a reasonable aim.
It's also worth checking if the hot water pre heat function [if present] is disabled.
I can post the above sentence with square brackets - but posting with normal brackets results in a 403 forbidden error.
That's a serious bug in your filtering PH.
Posting the above line (anywhere in the forums) results in a 403 forbidden error.
EDIT: It must be the words "if present" causing the issue, but only when wrapped in brackets!
But yet it works here (if present) for some reason?
EDIT (2): I found it. The filtering doesn't like the use of the word 'function' followed by a bracket.
I can post the above sentence with square brackets - but posting with normal brackets results in a 403 forbidden error.
That's a serious bug in your filtering PH.
Posting the above line (anywhere in the forums) results in a 403 forbidden error.
EDIT: It must be the words "if present" causing the issue, but only when wrapped in brackets!
But yet it works here (if present) for some reason?
EDIT (2): I found it. The filtering doesn't like the use of the word 'function' followed by a bracket.
Edited by TonyRPH on Monday 21st November 20:55
Edited by TonyRPH on Monday 21st November 20:57
Gassing Station | Website Feedback | Top of Page | What's New | My Stuff