403 Forbidden when changing booking status

WordPress Event Management, Calendars & Registration Forums General Question 403 Forbidden when changing booking status

This topic contains 9 replies, has 2 voices, and was last updated by  Squirrelhouse 4 years ago.

Viewing 10 posts - 1 through 10 (of 10 total)
  • Author
    Posts
  • March 31, 2020 at 4:57 pm #37675

    Hi Stephen,
    I’m just setting the system up and getting a 403 when I try to change an offline booking from ‘pending’ to ‘confirmed’. I’ve had a look at other posts and checked htaccess and file permissions and everything appears normal with no php errors being logged.
    Any thoughts where I should look next?
    Thanks
    David

    Squirrelhouse
    March 31, 2020 at 5:03 pm #37676

    p.s. I was in the View Booking screen when I got the 403. I have since found I can successfully change the booking status in the Bookings list screen although doing this in the View screen where details can be logged would be best of course.

    Squirrelhouse
    March 31, 2020 at 9:01 pm #37679

    Hi David,

    That’s odd, do you get a white screen with 403? For the admin interface, WordPress handles the authentication, but it doesn’t typically return a 403. Could your wp-admin folder be password protected?

    Stephen Harris
    April 1, 2020 at 8:05 am #37692

    Hi Stephen,
    Yes its a white screen and there’s no password protection on wp-admin. The URL tail which generates the 403 is:-
    /wp-admin/edit.php?post_type=event&page=bookings&action=edit&booking_id=154
    I’ve attached some screenshots.
    Thanks
    David

    Before 403
    403
    wp-admin folder
    within wp-admin folder
    htaccess above the standard block

    Squirrelhouse
    April 1, 2020 at 8:07 am #37693

    p.s. for some reason the attachment showing the wp-admin folder properties isn’t showing for me…

    enter image description here

    Squirrelhouse
    April 1, 2020 at 8:47 am #37694

    no worries, I can see it. I think normally password protecting would give you a 401 anyway.

    Have you tried commenting out those .htaccess rewrite rules which attempt to block access? Typically WordPress or this plug-in doesn’t return a 403, so its probably something configured at the webserver level. The error message is also something that doesn’t appear in either WordPress or this plug-in.

    That said, those conditions listed don’t appear to match the URL.

    Stephen Harris
    April 1, 2020 at 9:27 am #37696

    Hi Stephen,
    Thanks for that. I’ve tried commenting out the htaccess rewrite rules but to no avail. I have noticed some warnings that posix_getpwuid has been disabled but they aren’t being generated at the time of the 403.
    I’ve raised a ticket with my hosting partners to see if they have any thoughts and will let you know where I get to.
    Many thanks
    David

    Squirrelhouse
    April 1, 2020 at 2:31 pm #37699

    Hi Stephen,
    The problem seems to be modsec – when I switched that off it worked. I don’t really want to run with it switched off of course.
    I’m currently on EO version 3.9.0 and EO Pro version 3.0.13
    Thanks
    David

    Squirrelhouse
    April 2, 2020 at 10:22 am #37703

    Hi David,

    Do you have access to the modsec logs? It should detail why a request was rejected. Feel free to get in touch here if you don’t want to post it on a publicly-viewable forum.

    Stephen Harris
    April 2, 2020 at 11:51 am #37704

    Hi Stephen,
    I don’t have access myself but I’ve raised a ticket with my hosts asking for the logs. I’ll come back to you then.
    Many thanks
    David

    Squirrelhouse
  • Author
    Posts
Viewing 10 posts - 1 through 10 (of 10 total)
To enable me to focus on Pro customers, only users who have a valid license for the Pro add-on may post new topics or replies in this forum. If you have a valid license, please log-in or register an account using the e-mail address you purchased the license with. If you don't you can purchase one here. Or there's always the WordPress repository forum.