888 casino best slots.Enjoy Free 888+200 Daily Legal Bonus

Resolved stijlbreukwp
(@stijlbreukwp)

1 year, 7 months ago
Hi,

Since yesterday we experience a 403 forbidden issue on 10+ different websites, all running the free version of iThemes (better-wp-security). All websites seem to have the same issue pattern. The website goes down completely (we see a message of this in the Uptime robot monitor), all website URL’s (front-end, but also WP admin URL’s) give back the same 403 forbidden message with the iThemes “You have been locked out” screen.

As we cannot login to the admin directly (we get the same 403 forbidden message on the login URL), we follow the following procedure to fix this issue:
- Log in to the SFTP an rename the better-wp-security plugin folder, which also disables the plugin. At this point the issue is resolved instantly on all occurrences. This makes me think that the plugin itself could be the cause.
- Log in to the wp-admin, which is now available again and navigate to the plugins page.
- Rename the plugin back to its original
- Reload the plugins page and activate the plugin
- All runs fine at this point
Curious thing is that the same issue occurs on the same website URL multiple times. So it appears to be an issue that could happen more often (also after applying the quick fix as described above).

Sometimes the issue resolves without me doing anything (eg. in the night this issue also occurs and I cannot fix it instantly, but I can see in the Uptime logs sometimes the issue is resolved automatically) but sometimes it could hold on for hours.

What can we do to prevent this issue from happening? Or what can I do to debug this issue?

The page I need help with: [log in to see the link]

Viewing 5 replies - 1 through 5 (of 5 total)

nlpro
(@nlpro)

1 year, 7 months ago

Additional info: The specified website (The page I need help with) seems to be running on OpenResty server (Nginx).
Plugin Support Shalom Taiwo
(@shalomt)

1 year, 7 months ago
Hi @stijlbreukwp ,

403 errors can be caused by different things, which includes the following:
1. A plugin/theme conflict.
We’ll like you to please proceed with a conflict test. But, first, create a recent backup in case you lose any settings during the trial and have to restore to a previous working state.

The following can assist you during this test: https://help.ithemes.com/hc/en-us/articles/115003073433-Checking-for-a-Conflict-

2. Error caused by invalid permission on WordPress.

I’ll recommend contacting your hosting support to better assist in ensuring that that correct permissions are set on the site.

3. Can you double-check and make sure that your IP address is added to the “Authorized Host” list? This can be found at Configure -> Global Settings -> Authorized Host.

Please let me know how it goes and how I can be of further assistance.

Best regards,
Shalom
Thread Starter stijlbreukwp
(@stijlbreukwp)

1 year, 6 months ago
Hi,

A follow up on the previous input: when looking at the logs I see that iThemes locks out the very IP from which the website itself is hosted, see the details of the log attached (IP and domain is blurred out).
- Would adding the host to the “Authorized Host” prevent this kind of lockout situation?
- What is causing this lockout exactly?
Thanks in regards for making an effort to resolve my issue.
- This reply was modified 1 year, 6 months ago by stijlbreukwp.
Denno0
(@denno0)

1 year, 6 months ago
Hi @stijlbreukwp

We are facing the same issue here: https://www.ads-software.com/support/topic/8-1-6-issue-with-ip-detection-proxy-detection/

We did a tempory fix by turning off the proxy detection: go to configuration > global settings > look for IP-detection: its now automatic? Turn it off and it should work again.
- This reply was modified 1 year, 6 months ago by Denno0.
Thread Starter stijlbreukwp
(@stijlbreukwp)

1 year, 6 months ago

Hi @denno0

Thanks for your post and fix! This sounds exactly like the issue we are experiencing. Also, it all started happening after last Wednesday, which the plugins were updated to the latest 8.1.6 version.

Viewing 5 replies - 1 through 5 (of 5 total)

The topic ‘Complete website returns 403’ is closed to new replies.