403 error in combination with iThemes Security

  • Resolved JGA

    (@jga)


    9 years ago

    Hi,

    I’m using your plugin on some sites as well as iThemes Security.
    I’ve noticed that whenever I enable the option “Filter Suspicious Query Strings in the URL” of iThemes Security, I get the following error when you try to navigate through the the dates.

    Something went wrong while fetching events.
    The request status is: 403
    The error thrown was: Forbidden

    An example can be seen on: https://www.aikido3b.nl/agenda

    Note: I don’t get this error when i’m logged in on my site.

    Is this something you can fix?

    Thanks in advance.

    https://www.ads-software.com/plugins/all-in-one-event-calendar/

Viewing 1 replies (of 1 total)
  • cefiar

    (@cefiar)

    This isn’t an issue with the plugin per se, but depends entirely on iThemes security’s interpretation of what “Filter Suspicious Query Stings” means.

    From brief exposure to this, it assumes that any query string that is passed to WP which is not a number or a common word is suspicious.

    Ai1ec encodes a lot of data in URLs that fetch event information, and it’s usually these that iThemes Security marks as bad. It encodes this information to reduce the length of the URL being fetched.

    Just to confirm here; it’s iThemes Security that is blocking you from accessing these URLs. I think you’d be better off trying to get iThemes to handle the issue so that their product handles such situations better, or includes an exception for what is obviously “known good” behavior that some plugins use.

Viewing 1 replies (of 1 total)
  • The topic ‘403 error in combination with iThemes Security’ is closed to new replies.