Author Topic: mod_security 403 forbidden [Solved]  (Read 2327 times)

0 Members and 1 Guest are viewing this topic.

Offline
*
mod_security 403 forbidden [Solved]
« on: November 09, 2019, 04:34:31 PM »
The biggest issue I faced moving from a managed to unmanaged VPS was the 403 Forbidden issue.  It took me forever to figure out that mod_security was the reason.  (Personally, I don't think the text shown matches the error.  I spend hours trying to fix authentication methods before discovering it was a mod_security issue.)

Next, I struggled to fix the problem by following instructions to white list rules under the OWASP old rules module.  It never seemed to work.

Finally, I decided to try using the Comodo WAF rules because CWP says: "We recommend using Comodo WAF rules as they are much simpler and easier for beginners."  Of course, this requires an upgrade to Pro.  Given the low cost of CWP7pro (compared to something like cPanel), I figured it was worth a shot.

Like magic, Comodo WAF resolved my problems!  (Clearly, it's not magic.  I'm grateful to the folks that did the programming.)

To be clear, I run a custom-built script for my websites.  I can't guarantee switching to Comodo WAF will solve the problems other people may have.  But, I was ready to hire someone to fix my issues.  Buying CWP7pro was much cheaper.  If you're in a similar situation, it might be worth giving Comodo WAF a shot.

That's my take on this issue.  Hopefully, that information will save another newbie to unmanaged VPS from some frustration.