Title: gleanweb's Replies | WordPress.org

---

# gleanweb

  [  ](https://wordpress.org/support/users/gleanweb/)

 *   [Profile](https://wordpress.org/support/users/gleanweb/)
 *   [Topics Started](https://wordpress.org/support/users/gleanweb/topics/)
 *   [Replies Created](https://wordpress.org/support/users/gleanweb/replies/)
 *   [Reviews Written](https://wordpress.org/support/users/gleanweb/reviews/)
 *   [Topics Replied To](https://wordpress.org/support/users/gleanweb/replied-to/)
 *   [Engagements](https://wordpress.org/support/users/gleanweb/engagements/)
 *   [Favorites](https://wordpress.org/support/users/gleanweb/favorites/)

 Search replies:

## Forum Replies Created

Viewing 3 replies - 1 through 3 (of 3 total)

 *   Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/)
    In
   reply to: [[Wordfence Security - Firewall, Malware Scan, and Login Security] 403 forbidden](https://wordpress.org/support/topic/403-forbidden-138/)
 *  Thread Starter [gleanweb](https://wordpress.org/support/users/gleanweb/)
 * (@gleanweb)
 * [7 years, 3 months ago](https://wordpress.org/support/topic/403-forbidden-138/#post-11164437)
 * Thanks, Dave. I added the script to the whitelist. The first time I then ran 
   the script it again balked, but gave me the option on the 403 Forbidden page 
   to whitelist it. I checked that box and it all seems to work now.
 *   Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/)
    In
   reply to: [[Wordfence Security - Firewall, Malware Scan, and Login Security] 403 forbidden](https://wordpress.org/support/topic/403-forbidden-138/)
 *  Thread Starter [gleanweb](https://wordpress.org/support/users/gleanweb/)
 * (@gleanweb)
 * [7 years, 3 months ago](https://wordpress.org/support/topic/403-forbidden-138/#post-11144799)
 * I have systematically gone through the POSTed inputs and found that what triggers
   the Wordfence block in the $_POST array is:
 * [sqlquery] => select farm, contact1, phone1, address, city, state, zip from sites
 * Is this because of the name of the variable?
    Or does Wordfence recognize the
   string as an sql query and block it for that reason? Or something else?
 * The whole point of the page is to write and save customized sql queries. The 
   POSTed input is rigorously sanitized on the server and the page is password-protected.
 *   Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/)
    In
   reply to: [[Wordfence Security - Firewall, Malware Scan, and Login Security] 403 forbidden](https://wordpress.org/support/topic/403-forbidden-138/)
 *  Thread Starter [gleanweb](https://wordpress.org/support/users/gleanweb/)
 * (@gleanweb)
 * [7 years, 3 months ago](https://wordpress.org/support/topic/403-forbidden-138/#post-11141730)
 * Hi Dave,
    Thanks for the note. The $_POST array looks like this: Array ( [title]
   => All sites +Site stats+ [sqlquery] => select farm, contact1, phone1, address,
   city, state, zip from sites order by farm [list] => Show this report [terms] 
   => [querynum] => 3 )
 * [@gleanweb](https://wordpress.org/support/users/gleanweb/)

Viewing 3 replies - 1 through 3 (of 3 total)