Adding new users / Error 403 Forbidden / Permissions ok / mod_security ok
-
Dear all,
I stumbled upon a strange behaviour in WP 3.3.1 MS. Ok, here’s what I did: I tried to add a new user. I am in the admin as registrations from the front-end are disabled. I have successfully added users before, but this time something went wrong:
Add User – 1st Attempt
- I am in the user admin area of the respective blog, my capabilities are SuperAdmin.
- I click “Add New”, so it takes me to
/wp-admin/user-new.php
- I want to add a new user, so I use the 2nd form
- I supply the username and email, select the role and Add New User
- I get an error
403 Forbidden
Add User – 2nd Attempt
- I am in the user admin area of the network, my capabilities are SuperAdmin.
- I click “Add New”, so it takes me to
/wp-admin/network/user-new.php
- Just one form to fill here
- I supply the username and email, and Add User
- I get an error
403 Forbidden
Hey, what’s up? Permissions?
Ok, let’s do
CHMOD wp-admin
to777
. Repeated the above steps.Again Error 403
I start to google a bit, find about and thismod_security
thing and add some .htaccess
magic.<IfModule mod_security.c> SecFilterEngine Off </IfModule>
Repeated the above steps.
Oh, again Error 403
I google a bit more, find about and thismod_env
thing and add some.htaccess
magic.<IfModule mod_env.c> SetEnv MODSEC_ENABLE Off PassEnv MODSEC_ENABLE </IfModule>
Repeated the above steps.
Oh no, not again Error 403
Ok. Rewind. Fully Rewind.Add User – 3rd Attempt
- Overwrite
wp-admin
with pristine one to restore permissions to default - Remove
.htaccess
magic - Let’s try register another test user (user
test
, emailtest@mydomain.com
) from the blog. Hey, it worked! Happy - Let’s try register another test user (user
test
, emailtest@mydomain.com
) from network Hey, it worked! Happy - Let’s try register the real user (user
myrealuser
, emailmyrealuser@yahoo.com
) ….
BOOM: Error 403
Just thinking: Are there any filters preventing
myrealuser
ormyrealuser@yahoo.com
from being registered?Yes: I remember that in the network admin (
/wp-admin/network/settings.php
), you can supply banned names from registering sites. Maybe that is true for usernames as well? Butmyrealuser
is a trivial name and not included in that list…Add User – 4th Attempt
- Let’s try register another test user (user
myrealuser
, emailtest@mydomain.com
) from the blog or from the network. Hey, it worked! Happy - Let’s change
myrealuser
‘s email tomyrealuser@yahoo.com
Error 403, still getting Error 403 Forbidden
So my question: Has anyone had a similar problem registering users with a
@yahoo.com
address? Does a blacklist/spam filter for registering user emails exist?Any help or hint greatly appreciated!
- The topic ‘Adding new users / Error 403 Forbidden / Permissions ok / mod_security ok’ is closed to new replies.