I have some more information that you may find useful.
I encountered the problem on the user-facing side recently after integrating some new functionality.
It seems there may have been multiple issues, but I did the following to resolve it:
- I had a form that was performing a
HttpResponseRedirecton success, but it was 404ing because the URL prefix was getting duplicated for some reason, e.g./mypath/mypath/page/. I’m not sure if the problem was thereversefunction or something else, but I checked the path for the duplicate prefix and removed it before performing the redirect, which solved the 404. - If you have any IP rules set up in cPanel, if you are missing a 403.shtml inside your
public_htmlserver directory the server throws an error seemingly before the request even gets to Django. - I had a form with a WYSIWYG editor that allowed video embedding. This produced a 403 error on submit, but only when a video was embedded. I presumed this was getting blocked by the server for potentially malicious HTML content in the form field. I spoke to hosting support and found out:
As I have checked, the issue is triggered by ModSecurity Apache. ModSecurity is an Apache module which works as a web application firewall. It blocks known exploits and provides protection from a range of attacks against web applications.
- They made a change and it worked fine after that. So far all is working okay user and admin side.
I hope this helps.