I have this problem:403 Forbidden on a PHP page with a URL encoded in the $ _GET parameter
I get the error "403 is forbidden" When I pass url as a GET variable like this
http://script/test.php?url=https://stackoverflow.com/questions/ask
But it normal.
http://script/test.php?url=stackoverflow.com/questions/ask
And even if I urlencode the url, it still gives me 403.
Apache mod_fcgid / 2.3.6 mod_auth_passthrough / 2.1 mod_bwlimited / 1.4 FrontPage / 5.0.2.2635 Server in ----- Port 80
And I don’t think mod_security is enabled on this server, because when I add SecFilterEngine Offto htaccess, I get "500 Internal Server Error".
SecFilterEngine Off
Code snippet:
$URL = mysql_real_escape_string($_GET['url']); mysql_query("INSERT INTO `url` ...");
So the question is, can I fix this without editing httpd.conf, because I do not have root privileges. thank
apache? cPanel , /usr/local/apache/logs/error _log - mod_security. , , - .
mod_security , 500 SecFilterEngine .htaccess, .
-, , mod_security. , . ( - , mod_security )
mod_security, - , , URL- ( base64)
, (-) mod_security . mod_security , , $_GET, URL- (http://www.etc), - . lunixbochs, .