Occasionally a particular plugin or theme will cause a site to throw 403 errors when accessing specific pages or functionality.
When this happens without explanation, the first place to look is in the Litespeed Error logs to see if the web application firewall is to blame:
In the log, search for “403” or “ModSecurity” to locate the error. You’ll want to take special note of the “id” parameter associated with the error:
Now, in your .htaccess file add the following lines, replacing the ID number with the ID you found in your log:
<ifmodule mod_security.c>
SecRuleRemoveById 218500
</ifmodule>
Visit the page or resource that caused the 403 error again and check for resolution. If it’s still blocked, it may be due to another related firewall rule.
It’s not uncommon to need to disable a handful of rules to bypass a particular security concern. The rules can all be entered in the same ifmodule
directive:
<ifmodule mod_security.c>
SecRuleRemoveById 218500
SecRuleRemoveById 218501
SecRuleRemoveById 218502
</ifmodule>
It’s important that you investigate further as to why the firewall error is occurring. Disabling rules like this is a fast temporary measure you can use to resolve immediate problems while this investigation takes place.