BulletProof Security Forum

Did you try whitelisting your entire “shop” URL|URI (note: if your “shop” URL|URI is named something different then use that actual URL|URI name):  http://forum.ait-pro.com/forums/topic/403-forbidden-error-woocommerce/#post-23131

It appears that your server is incorrectly rewriting to an invalid/incorrect URL|URI path??? /var/www/vhosts/URL.ext/httpdocs/shop The path should look more like this: /path-to-your-actual-website/shop

Try creating a RewriteRule like this:  RewriteRule ^your-actual-website-folder-name-here/shop/ - [L]
Note: You do not want to any of other parts of the folder path in the RewriteRule. ie /var/www/vhosts/URL.ext/httpdocs/ should NOT be in the RewriteRule.

Going by Internet standards for folder naming conventions / site structure:   colinprior.co.uk is your Hosting User Account name and httpdocs is your hosting account root folder / Document Root folder.  If your website is a root site installation then all of your WordPress files and folders will be under /httpdocs/  ie /httpdocs/wp-content/, /httpdocs/wp-admin/, etc.  Is this the folder structure / site architecture that you are using?

Disregard: This topic is no longer valid.
See this new Topic for the fix for WooCommerce Worldpay: https://forum.ait-pro.com/forums/topic/woocommerce-worldpay-403-error/

Ok so for whatever reason the virtual “/shop/” folder is being seen as a literal/physical folder by your server.  Let’s try a different approach instead of dealing with/messing with that server issue.  Remove/delete the Custom Code RewriteRule for “shop” that you created since that is not working on your server.

Most likely the issue/problem with the server is it is not configured to handle Symbolic links / Symlinks:  http://superuser.com/questions/244245/how-do-i-get-apache-to-follow-symlinks

[code removed]

Disregard: This topic is no longer valid.
See this new Topic for the fix for WooCommerce Worldpay: https://forum.ait-pro.com/forums/topic/woocommerce-worldpay-403-error/

Ok now do these steps:
1.  Go to the BPS htaccess File Editor, unlock your Root htaccess file if it is locked and turn off AutoLock.
2.  Click on the Your Current Root htaccess File tab and manually edit your root htaccess file.
3.  Scroll down to the BPS Query String Exploits section of code and comment out each of these lines of htaccess code with a # sign as shown below and click the Update File button to save your editing changes.

[code removed]

Disregard: This topic is no longer valid.
See this new Topic for the fix for WooCommerce Worldpay: https://forum.ait-pro.com/forums/topic/woocommerce-worldpay-403-error/

Just logical troubleshooting my friend, but thanks.  We are not done yet.  We have narrowed down/isolated where the root problem is being caused.  So now let’s narrow it down futher to the exact line of htaccess code that is the problem.  Then once we know that I will post the exact modified htaccess code that you need to add/save to BPS Custom Code. I am pretty sure that the problem line of htaccess code is going to either of these 2 lines of code or both of them. So remove the # signs from the other lines of code and leave these 2 lines of code below commented out with a # sign and test a transaction. If it goes through successfully then uncomment the HTTP_USER_AGENT line of code and leave the QUERY_STRING line of code commented out and test a transaction. Let me know that results after doing these steps.

[code removed]

EDIT: Having web hosting problems today with the MySQL server, but things appear to be working again. Last week this same host server problem occurred it was an intermittent problem that lasted for a few hours on and off. So if the forum site goes down again then lets complete this via email. sigh. Thanks.