Hi,
Could you try disabling the Long URLs and Suspicious Query Strings features and see if that helps?
Thanks,
Gerroald
Hi iThemes Support,
i experienced the very same problem.
Turned out it’s from your
RewriteCond %{QUERY_STRING} ^.*(\[|\]|\(|\)|<|>|ê|"|;|\?|\*|=$).* [NC,OR]
Link is like
/?wysija-page=1&controller=confirm&wysija-key=ff1111f11ff1111ff1f111f11f111fff&action=subscribe&wysijap=subscriptions&wysiconf=WyAaAl0=
Your regex catches the very last =
Hey DasSkar,
Thanks for the information!
Thanks,
Gerroald
I commented out this line, and indeed it resolve this exact issue that I was also experiencing.
However, have I somehow made the site more insecure by commenting out this line? Is there a fix or better regex to replace it, so that it doesn’t return a 403 when mobile users try to confirm their subscription?
Thanks!
Commenting out that line helped me as well. It’s not just mobile users, but all confirmation links. The problem is that for logged-in users confirmation links work fine, so most admins when testing that everything works will not spot this problem early enough.
