Teflpedia:Error 403

In two occasions several pages have given an error 403, similar to this: 403 Forbidden Access to this resource on the server is denied! It is very likely that it is produced by Dathorn's (our webhost's) security filters.

September 2014
The problem occurred when editing some pages.

It turns out that for security reasons the symbols " and ' are forbidden in some contexts, to prevent hackers to execute code (such as Javascript) that was not supposed to be executed.

General solutions
Straight apostrophe ' can be replaced by its curly counterpart &rsquo; &amp;rsquo;

Straight single quotes as in 'example' can be replaced by their curly counterparts as in &lsquo;example&rsquo; &amp;lsquo;example&amp;rsquo;

Straight double quotes as in "example" can be replaced by their curly counterparts as in &ldquo;example&rdquo; &amp;ldquo;example&amp;rdquo;

In tables,  can be replaced by.

Specific solutions
is not allowed, but  is. Instead of replacing all apostrophes by &amp;lsquo; and &amp;rsquo; the 'r' of or can be replaced by &amp;#x72;:.

User pages
This time we can't see some pages. Last time we could see them, but we couldn't edit them.

User pages get a 403 error. For example User:Bob_M or User:jddjhddhduyeuye. Talk pages don't have this problem; e.g. User talk:Bob_M.

Workaround
Replace the colon by %3a as in http://teflpedia.com/User%3aBob_M. This does not work every time. If it fails just try again and it may work.

Depending on contents
A page that contains the sequence "&#x49;ps" or "&#x49; ps" will generate a 403 error when edited (this is similar to the error we had in 2014).

Other sequences that fail: "&#x49; id", "&#x49; ls", "&#x49; mail", "&#x49; nc", "&#x49; rm".

Workaround
Replace any of the three offending chacarters by their HTML codes "&amp;#x49;ps", "|&amp;#x70;s" or "|p&amp;#x73;s".

Solution
Fixed. A mod_security rule was being triggered by User: page requests. AndrewT at our Webhost, Dathorn, corrected that so that User: pages are loading nicely again. --Roger (talk) 01:33, 20 September 2016 (UTC)