Support » Plugin: YouTube » 403 Forbidden Error when trying to save the plugin settings

  • Resolved cosmin969

    (@cosmin969)


    Hello,

    I’ve installed the plugin but when i tried to save the settings i keep getting this error

    403
    Forbidden
    Access to this resource on the server is denied!

    I’ve tried: disabled the plugins, uninstaling the plugin but the error is the same.

    Please help me!

    What can I do?

Viewing 15 replies - 1 through 15 (of 16 total)
  • I just installed this plugin, and am having the same problem.

    Plugin Author embedplus

    (@embedplus)

    Please ask your server host company if they have a security feature called “mod_security” and if it is turned on.

    -EmbedPlus Team

    cosmin969

    (@cosmin969)

    Yes, they have a security feature called “mod_security” and it is turned on. What to do?

    syzygist

    (@syzygist)

    I got tired of waiting around for an answer and switched to Video Gallery – YouTube Playlist, Channel Gallery by YotuWP instead, which was easier to set up and did not throw errors.

    Plugin Author embedplus

    (@embedplus)

    @cosmin969

    That security feature is giving you a false positive when you try to save your settings. It’s a somewhat common issue with WordPress in general (just Google: wordpress mod_security 403).

    Do you have access to your server error logs? If so, try saving your settings again to produce the 403 error, then ask your host to send you the log that recorded that 403 error. The lines that have the 403 error will have additional info on what happened. If you send that to us, that will give us an idea of what specific piece mod_security is falsely flagging.

    Another option, probably easier option, is to ask your host to turn off mod_security, but we recommend this only as a last resort.

    -EmbedPlus Team

    AMC4x4

    (@amc4x4)

    Hello, I had this issue as well, and after disabling mod_security (and waiting a few minutes) I was able to get the API key entered. Can I turn it back on once the key is entered? Is it just the API key entering that triggers the mod_security rule? I would rather not leave it off. Thanks!

    Plugin Author embedplus

    (@embedplus)

    Hi,

    The problem is if you want to save other settings in the future. We don’t want you to have to keep turning things on and off. To help pinpoint the real source of the issue, we need you to follow this paragraph:

    Do you have access to your server error logs? If so, try saving your settings again to produce the 403 error, then ask your host to send you the log that recorded that 403 error. The lines that have the 403 error will have additional info on what happened. If you send that to us, that will give us an idea of what specific piece mod_security is falsely flagging.

    Also, what is your hosting company?

    -EmbedPlus Team

    Plugin Author embedplus

    (@embedplus)

    You can email the logs to:

    ext @ embedplus . com

    • This reply was modified 6 months ago by  embedplus.
    Plugin Author embedplus

    (@embedplus)

    Hello?

    I ran into this issue today, and found this thread. I was able to initially save settings by disabling mod_security in cPanel. I use WebHostPython who has litespeed servers, so I contacted support to explain what happened and to ask for the logs as you (@embedplus) suggested.

    Webhostpython:
    I believe I’ve identified the rule causing issues. Please test now. If there are still issues, let us know your WP login details and how to reproduce the error and I’ll further investigate the logs.

    Me:
    Yes, the plugin now saves okay without having to disable mod_security. If you could please respond with the change that you made so that I can forward the information to the plugin developer, that would be appreciated.

    Webhostpython:
    We are using Imunify360, all I did was disable the rule that was being flagged, and appears to have been designed to match anything related to the WP plugin embeded plus, as the name is mentioned explicitly. The plugin is most likely blocked on all servers running Imunify360, and they would need to reach out to them to get unblocked on all other servers.

    Please help me with this error

    It appears you don’t have
    permission to access this page.
    403 Error. Forbidden.

    Plugin Author embedplus

    (@embedplus)

    Can you provide a link to your site and who your hosting service company is?
    Also, if you have any security plugins, what are they?

    -EmbedPlus Team

    http://www.kirthishetty.com
    Blue Host

    • This reply was modified 2 weeks, 4 days ago by  seema012.

    I am also having this problem. My site is https://www.shannontowell.com/, my hosting service is VentraIP. I don’t have any additional security plugins.

    Thanks

    Plugin Author embedplus

    (@embedplus)

    @shannontowell
    We have confirmed that VentraIP has false positives in their Mod Sec Rules. One of our plugin user that is also a customer of VentraIP contacted VentraIP’s technical support and got a response that the plugin has been whitelisted. We do not know if they only did it for that user’s site or for all VentraIP customers. Can you confirm whether this problem is still occurring or not?

    @seema012
    Can you contact Blue Host’s technical support and ask:

    1) If they are using a tool called Imunify360/CloudLinux
    2) If so, when they did they last update their ruleset? A false positive regarding this plugin was cleared as of version 2.52 of imunify360 modsecurity ruleset
    If they are using an old ruleset, they should probably update

    -EmbedPlus Team

Viewing 15 replies - 1 through 15 (of 16 total)
  • You must be logged in to reply to this topic.