Support » Plugin: All-in-One Event Calendar » 403 error or less security.

  • Resolved Martijn

    (@ximie90)


    Hi we are running into a problem, quite similar to this:
    https://wordpress.org/support/topic/something-went-wrong-while-fetching-events-8?replies=4

    But different.
    We get this error when on the front end calendar page you try to move to the next month. This happens to all users, logged in and just visitors.

    <!DOCTYPE HTML PUBLIC “-//IETF//DTD HTML 2.0//EN”>
    <HTML><HEAD>
    <TITLE>403 Forbidden</TITLE>
    </HEAD><BODY>
    <H1>Forbidden</H1>
    You don’t have permission to access /calendar-2/action~agenda/page_offset~1/time_limit~1475618401/cat_ids~4/events_limit~15/request_format~json/?callback=jQuery200105346402682994379_1472483572272&request_type=jsonp&ai1ec_doing_ajax=true&_=1472483572273 on this server.
    <HR>
    <I>www.***.nl</I>
    </BODY></HTML>

    From the earlier linked support post I got the idea that it might be security plugin related. We use WP All in one security plugin and after some trail and error we found thatdisabling:
    bad query strings and advanced character string filter options will remove the error. But it seems a bit weird to disable security features to enable a plugin to function. Is there another way to resolve this issue?

    Kind regards,

    Martijn.

    https://wordpress.org/plugins/all-in-one-event-calendar/

Viewing 9 replies - 1 through 9 (of 9 total)
  • Plugin Author Benjamin

    (@bsokic)

    Hi Martijn,

    As far as I know, this is the only way to fix this issue if you use a security plugin, but hopefully other users can help you. We’ll keep this topic open for a few days for other user to chime in if possible. Thanks for your understanding.

    Ben

    I get exactly the same error as Martijn mentioned when I use the “Categories” or “Tags” in the calendar. And I also use WP All in One Security BUT in my settings the “bad query strings and advanced character string filter” already is disable.

    Hopefully you can provide some informations to solve this problem to your nice plugin.

    Regards
    John

    Hello again,

    In my case I had enabled the “6G Blacklist firewall protection from perishablepress.com to your site” (WP All in One Security plugin).

    I changed the setting to the “5G Blacklist …” instead, which solved my problem.

    Regards
    John

    I understand that this is a ‘Solution’, but these are only temporary solutions.
    I do hope a permanent fix for this problem will be found.

    As this is just a couple of settings within the security plug ins.
    But these security settings are there to increase the security of the websites and I think most of us will agree that you want to keep your websites as secure as possible. I would consider finding alternate plug-ins, to keep the security settings in place. And I’m taking this into consideration for future projects, I like this plugin, but security is a hot issue, with some first hand experience in hacked sites, I give this a higher priority at this time.

    Kind regards,

    Martijn

    Fully understandable and I agree in all your highly relevant concerns regarding security! Furthermore I expect improvements to All-in-One-Event Calendar that can solve this problem. A top-rated plugin must be able to solve such issues.

    Regards
    John

    Plugin Author Benjamin

    (@bsokic)

    If you want changes, new features, or you have an idea, please suggest on Timely Product ideas page: http://ideas.time.ly/, upvote an existing request or make a new request there.

    Thanks,
    Ben

    I’ve opened an Idea on your page : http://ideas.time.ly/ideas/CAL-I-434
    I do hope this will get some attention.
    As I do find it a bug, not an idea.

    Kind regards,

    Martijn

    Plugin Author Benjamin

    (@bsokic)

    Thank you Martijn. We will review your idea and check if it is a bug.

    Any news on this?

    Kind regards,

    Martijn

Viewing 9 replies - 1 through 9 (of 9 total)
  • The topic ‘403 error or less security.’ is closed to new replies.