I am having a major hair pulling issue with what I believe is caused between Apache and SSL. Both Apache and SSL itself work fine for my site; it's the results of my attempt to submit data from an AJAX function to a PHP Script that causes an error 403 Forbidden.
I built a site on a dev server that has no SSL, then replicated the server to a new box with the exact same code, software and permissions. The only difference the enabling of SSL with a cert, and now parts of the site that uses AJAX to allow user submissions returns a 403 only if the data contains one of three (and probably more) characters:
- Double Quote: "
- Single Quote: '
- Semicolon: ;
If the user submits any data with any one of these three characters, the server returns an Error 403 before the submission even hits the PHP script. If they do not use any of the characters, it submits fine.
Research
My research didn't help much, but I did find and tried some things, none of which worked:
Some mentioned that something called mod_secure for Apache might be causing some false positives, however I do not have it installed to disable that.
I found that sometimes this issue is caused by permissions, but all of the permissions are correct; plus its a replication of a server where the site already works perfectly fine using the exact same permissions and code.
I read that changing the Directory parameters in the apache2.conf file from Require all denied to Require all granted might help, but it did not. I even set this up for the specific directory where the issue is taking place, still no help.
I tried to change the script to convert special characters into their html entities, but that didn't work since it still added a ";" semicolon such as "quot;" which throws a 403 upon submission.
I looked into the apache error logs, but there is nothing there related to the Error 403 for me to debug. All other errors report fine.
I am at a complete loss here. My assumption is that the server is blocking those specific characters thinking it's a XSS / SQL Injection attack.
Solutions?
Is there a configuration file somewhere, for Apache, SSL or maybe even PHP, that I can look at to see what it's blocking and maybe even disable those or add a kind of whitelist rule?
Thank you for any help you can provide!
Found Solution
The solution to this issue was editing the content filter on the firewall from a very strict filter to a basic one. Thanks to user2182349 for pointing out the firewall!
