Support » Fixing WordPress » iframe post error

  • Resolved bjones

    (@bjones)


    I switch to code, insert <iframe scr=”http://www.rmls.com”></iframe&gt; and click publish

    I then gert this error (either a post or page and of course the page.php – post.php) is returned.
    Forbidden
    You don’t have permission to access /wp-admin/page.php on this server.
    Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.
    ________________________________________
    Apache/1.3.37 Server at http://www.billjonesproperties.com Port 80

Viewing 4 replies - 1 through 4 (of 4 total)
  • and what happens if you dont put that sort of content inside a post? ie, you post a simple sentence? It works?

    sounds like mod_security — disable it for the admin area, and see if you can post that

    http://www.google.com/search?hl=en&lr=&safe=off&as_qdr=all&q=disable+mod+security+site%3Awordpress.org&btnG=Search

    just a heads up also, you tagged this is if you are using 2.2, you arent — and I only point that out since the version you are using is exploitable.

    Thread Starter bjones

    (@bjones)

    Yes, I can post fine when the iframe tag is not used. I thought I was using 2.2 I’ll upgrade and see if that helps. And I don’t know what you are refering to in the mod_security comment.

    mod_security is an apache module. You can disable it on a per-file basis, on a directory basis, or domain-wide.

    It’s a very useful addition to Apache but has a tendency to cause trouble when bloggers want to post.

    I went to your site, and searched for a few terms that ought to flag mod_security bt wasn’t able to trigger it myself.

    For instance, searching your site for “iframe”, “curl” and “.htaccess”, so it may not be the problem, but it doesn’t hurt to try disabling it and see.

    Assuming you do not have another .htaccess in your wp-admin directory —

    To do this:

    1. open a blank text file on your desktop.

    2. Put the following inside of the blank text file:

    <IfModule mod_security.c>
    SecFilterEngine Off
    </IfModule>

    3. Upload the file to your wp-admin directory

    4. rename the file to .htaccess – yes, there is a dot (.) before that filename.

    Thread Starter bjones

    (@bjones)

    this one can be considered resolved, that you very much.

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘iframe post error’ is closed to new replies.