Since implementing a Joomla site under shared hosting for a new client I am getting all kinds of "Forbidden" errors in the Joomla backend. My research tells me that I need to be able to include the "SecFilterEngine Off" and "SecFilterScanPOST" directives in my .htaccess file, but doing that results in 500 server errors. I do not have these problems in my main company hosting account which is a VPS setup. What do I have to do to be able to be able to implement these? Do I need to switch to a different type of hosting plan? What do I have to do with this account to get the same type of control I have with my VPS account? Does WestHout still offer that option?
Results 1 to 4 of 4
04-13-2012, 01:07 PM #1
- Join Date
- Jan 2007
"Forbidden" Errors in Joomla Backend on Shared Hosting Account - Not Happening on VPS
04-14-2012, 11:21 AM #2
It sounds like ModSecurity is conflicting with your Joomla backend. ModSecurity is an application firewall that helps ensure the security of our servers and our client's sites. Adding the lines that you specified to your .htaccess are intended to turn ModSecurity off; however, on our shared servers ModSecurity is not able to be disabled. Every once in awhile ModSecurity will flag a legitimate application (like your Joomla backend). The solution in that case is for you to open a ticket with us, and then we can escalate the ticket to our admins and they can see if they are able to add an exception in ModSecurity for your site.
If you could open a ticket with us through your cp.westhost.com and provide us with all of the details on how to replicate the Forbidden errors you are seeing, then we can confirm if it is or isn't ModSecurity. If it is, we'll go ahead and escalate that ticket to our admins. Thanks! Let me know if you have any other questions about that.
04-14-2012, 12:49 PM #3
- Join Date
- Jan 2007
Thank you. I have actually opened a ticked about this (#698264) and I was told yesterday it had been escalated. Will wait and see.
04-14-2012, 01:08 PM #4
Great, thanks. I'll make sure to personally follow up with the ticket as well next time I'm in the office to make sure it gets resolved.