Blog Documentation Book a Demo

Embed forum displaying forbidden error

zabeanzabean New
edited November 2010 in Vanilla 2.0 - 2.8
When I try to access my page with a remote vanilla embed I see the following (where the embed should be, not the entire page):

Forbidden

You don't have permission to access /lazy/lazyhtml/forum on this server.

When this error occurs the URL of the embed is:
http://www.mydomain.com/lazy/lazyhtml/forum/?remote=http://www.mydomain.com/lazy/lazyhtml/forum.php

When visiting that directly, I also recieve the Forbidden message, but forum/ is accessible without an error, and forum/?remote= is accessible, but it becomes inaccessible when the I have as much as forum/?remote=http%3A%2F%2Fwww.mydomain

As soon as there is that much text in the remote argument I receive the forbidden error, and of course what is generated by embed code embeds the full url: http://www.mydomain.com/lazy/lazyhtml/forum/?remote=http://www.mydomain.com/lazy/lazyhtml/forum.php

Can't seem to figure this out. It's on a fresh install of the latest vanilla, with the embed plugin enabled, and my embed code is
<script type="text/javascript" src="forum/plugins/embedvanilla/remote.js"></script>

All Browsers
PHP:
5.2.4
MySQL
5.1.50
Tagged:

Comments

  • zabeanzabean New
    This has been solved. The issue lies in mod security's 10_asl_rules.conf blocking url's being passed through as parameters, probably to prevent hacking attempts.
Sign In or Register to comment.