Home  General questions  '403 Forbidden' or 'Not Acceptable' errors...  

'403 Forbidden' or 'Not Acceptable' errors after submitting forms that contain 'curl', 'perl', 'set', 'file', etc.

Most probably your webserver has mod_security enabled. The mod_security feature scans all incoming posts for forbidden words or phrases that might indicate someone is trying to hack the system, and if any of them exist then Apache returns the 403 Forbidden error. Common phrases that tend to trigger mod_security include curl, wget, set, file(, and system(, although there are many others.

To disable 'mod_security' for your website:
  1. Open the .htaccess file located in the root directory of your CS-Cart installation.
  2. Add the following part of code there:
    <IfModule mod_security.c>
SecFilterEngine Off
SecFilterScanPOST Off
</IfModule>
  3. Save the file.
  4. It does not help on some server, in this case contact your server administrator.

Noticed an error in the article or it is not clear enough? Any suggestions to improve it? Please let us know by filling in the feedback form. Click here.