WordPress.org

1. ioian
   Member
   Posted 1 year ago #

   Even with all plugins deactivated...
   When certain words are used anywhere in admin->user edit-> biographical info (or even a user meta field for that matter), I get a 403 forbidden error when trying to update the user in wordpress.

   Looks like it has something to do with an sql injection parser because terms like: "selected from" anywhere in the text causes it or even something incongruous like...

   "Our properties for sale and rent often incorporate a large selection of photographs and floorplans for your perusal. We are also involved in the sale of rural properties, in particular around sometown where the family first settled from England in the 1930's."

   I had this some of these bios in wordpress already (that would have been added in 3.0.x version) so it must be something that has changed in the way wordpress parses fields now that is stopping it updating.

   Does anyone know why this would be occurring now as it is stopping normal bios being posted or updated.

   thanks!

2. terraGirl
   Member
   Posted 1 year ago #

   Can you narrow down what the problem is?

   Commons issues with PHP/MySQL are quotation marks (single/double) - can you advise if this may be the cause?

3. ioian
   Member
   Posted 1 year ago #

   Even if I type "select from" or "selected from" (not with the quotes) into the bio and click save it happens. Does it happen for you?

4. esmi
   Theme Diva & Forum Moderator
   Posted 1 year ago #

   It could be a server security configuration issue:
   http://wordpress.org/support/topic/cant-save-a-post-or-page-with-certain-text

5. ioian
   Member
   Posted 1 year ago #

   Great fixed thanks. Host must have changed mod security settings.
   I added...
   SecFilterEngine Off
   to my .htaccess file and it now saves fine.

Topic Closed

This topic has been closed to new replies.