iThemes gives 403 on PDFs for non logged in users
-
I added some PDFs to my site which are displayed using the PDF Poster plugin. These worked fine for logged in users, but give 403 errors if I open an Incognito window to test non-logged in access.
I managed to isolate this to the iThemes “Filter Suspicious Query Strings in the URL” option. Unchecking this restores access to the PDFs. I cannot see anything in the iThemes logs to work out what is in the query strings to cause the problem.
I did further isolate this by editing the URL for the PDF which is configured in PDF Poster. That URL can either be the full URL (which has to be identical to the page’s domain including http vs https) or can be an absolute URL. By removing the https://www.domain.com/ prefix so that the URL started /wp-content/… instead, the PDF worked with the iThemes suspicious URL checking enabled.
I’m opening this thread as a way to hopefully alert the iThemes developers and for anyone searching with a similar issue in the future.
- The topic ‘iThemes gives 403 on PDFs for non logged in users’ is closed to new replies.
