Hey guys I have been trying to figure this out for ages but I just can't. This used to work, but I THINK when my web host changed from Plesk to cPanel it stopped working. As soon as I put a protocol (http://, ftp://, etc) in a variable of a GET request, I receive a 403 forbidden error. Look for yourself drawingblacklines com.au/?foo=bar drawingblacklines com.au/?foo=http://testing.com The PHP executed on this page is simply print_r($_GET); I have tried clearing my .htaccess file and it didn't make any difference. I have looked everywhere but cannot find a solution Has anyone got an idea what may be causing this (bad) behavior?? Thanks, Kane
Hi, it is not a bad behavior, it is an unwanted protection. Since you mentioned CPanel - and thanks for that- as far as I know CPanel operates mod_security2 for Apache, with very restrictive rules to protect web hosting, you can degrade the security measures however, unfortunately, I do not have such experience with mod_security for CPanel, you have to google it or request support from your hosting provider. Edit: you also have to fix errors with your ErrorDocument directive (probably a file location error).