Plugin Contributor
M66B
(@m66b)
Error 403 means forbidden, so there might be something with the web server setup.
Thread Starter
Agnes
(@agneslesagegmailcom)
I saw another thread on that, saying might be with the host or some plugin. Yet I wonder what, because all other plugins seem to be installed without an issue. A pity I can’t this one… but I wonder what is specific to it that might interfere….
Plugin Contributor
M66B
(@m66b)
I don’t know, but in any case this is an unusual problem (you are the first one reporting it).
Thread Starter
Agnes
(@agneslesagegmailcom)
mmm…
I found this thread but is is closed without bmuch further details…
http://wordpress.org/support/topic/plugin-shortcode-exec-php-403-error?replies=7
I might need to try check my .htaccess… or specific file permissions I may have locked for security reason (after a couple of mamlware attacks I applies a few such rules). But I wonder which specific thing may be in cause.
I’d like to, because it seems the plugin makes things much easier !
PS:Indeed! With a very basic .htaccess, I can install the plugin. I am not sure which rule is in fault… now I’ll revert to my enhanced one and see if I can then execute the shortcodes at least.
The strange thing is even ‘searching’ for “Shortcode Exec PHP” would return an error, like if the “exec” was somehow forbidden.
Thread Starter
Agnes
(@agneslesagegmailcom)
I ve found the faulty lines in .htaccess
# from http://ralph.davidovits.net/internet/se-proteger-des-pirates-et-hackers.html#htaccess
### FILTRE AGAINRS PHPSHELL.PHP, REMOTEVIEW, c99Shell & more
# RewriteEngine On
# RewriteCond %{REQUEST_URI} # .*((php|my)?shell|remview.*|phpremoteview.*|sshphp.*|pcom|nstview.*|c99|r57|webadmin.*|phpget.*|phpwriter.*|fileditor.*|locus7.*|storm7.*)\.(p?s?x?htm?l?|txt|aspx?|cfml?|cgi|pl|php[3-9]{0,1}|jsp?|sql|xml) [NC,OR]
# RewriteCond %{REQUEST_METHOD} (GET|POST) [NC]
# RewriteCond %{QUERY_STRING} ^(.*)=/(.*)$ [OR]
# RewriteCond %{QUERY_STRING} ^work_dir=.*$ [OR]
# RewriteCond %{QUERY_STRING} ^command=.*&output.*$ [OR]
# RewriteCond %{QUERY_STRING} ^nts_[a-z0-9_]{0,10}=.*$ [OR]
# RewriteCond %{QUERY_STRING} ^(.*)cmd=.*$ [OR] ## ATTENTION A CETTE REGLE. ELLE PEUT CASSER VOTRE SITE ##
# RewriteCond %{QUERY_STRING} ^c=(t|setup|codes)$ [OR]
# RewriteCond %{QUERY_STRING} # ^act=((about|cmd|selfremove|chbd|trojan|backc|massbrowsersploit|exploits|grablogins|upload.*)|((chmod|f)&f=.*))$ [OR]
# RewriteCond %{QUERY_STRING} ^act=(ls|search|fsbuff|encoder|tools|processes|ftpquickbrute|security|sql|eval|update|feedback|cmd|gofile|mkfile)&d=.*$ [OR]
# RewriteCond %{QUERY_STRING} ^&?c=(l?v?i?&d=|v&fnot=|setup&ref=|l&r=|d&d=|tree&d|t&d=|e&d=|i&d=|codes|md5crack).*$ [OR]
# RewriteCond %{QUERY_STRING} ^(.*)([-_a-z]{1,15})=(ls|cd|cat|rm|mv|vim|chmod|chdir|concat|mkdir|rmdir|pwd|clear|whoami|uname|tar|zip|unzip|gzip|gunzip|grep|more|ln|umask|telnet|ssh|ftp|head|tail|which|mkmode|touch|logname|edit_file|search_text|find_text|php_eval|download_file|ftp_file_down|ftp_file_up|ftp_brute|mail_file|mysql|mysql_dump|db_query)([^a-zA-Z0-9].+)*$ [OR]
# RewriteCond %{QUERY_STRING} ^(.*)(wget|shell_exec|passthru|system|exec|popen|proc_open)(.*)$
# RewriteRule (.*) - [F]
Plugin Contributor
M66B
(@m66b)
Thanks for reporting the root cause of your problem. I guess some other people find it useful!
Thread Starter
Agnes
(@agneslesagegmailcom)
Yes, well, you never know… but when you kill yourself to find somethigng on your own, it is good to know someone may get a hint…
I appreciate finding such hints in many occasions, and tools like yours. Open source & collaboration is precious…!
