mod_security blocking POST request from Mailgun

Status
Not open for further replies.

smbeadna

Hello,

I use a service called Mailgun to handle sending emails from my domain (smbeadna.x10host.com). It also has a nice feature where it can automatically run a script when I receive a certain type of email— I've set it up so when Mailgun identifies a received email as matching the filters I've defined, it sends a POST request to a link I've defined (smbeadna.x10host.com/user_paid.php), including the email data as POST variables. It worked yesterday. However, today, its requests are being marked as 403 Forbidden, despite me having correct permissions (644) on the user_paid.php and all files which are included from it. I have not touched any .htaccess files, and besides it was working yesterday. Even today, when I test it myself by constructing my own POST variables and sending a POST request to smbeadna.x10host.com/user_paid.php, it works perfectly.

x10 states that the only other reason I might get a "403 Forbidden" error is: "Your request might be being blocked by mod_security because it looks suspicious." This makes a lot of sense to me that an automated POST request made by a third-party service (Mailgun) would look suspicious. However, in this case it is not. Would you be able to whitelist these requests? I would be extremely grateful. Mailgun should only call this script (at most) a couple of times a day, and the script itself simply runs one basic PDO query, so it will take hardly any resources at all.

Thank you for any help you can provide!

Sincerely,
Elijah
 

Livewire

Abuse Compliance Officer
Staff member
With some help from senior staff we were able to identify the mod_security log error being hit; unfortunately the rule that is being hit is an anti-abuse rule that cannot be disabled on free hosting. The best advice I can provide is that premium would allow it to be disabled (but doing so carries significant abuse risks depending on what else is running on the account, such as a forum or CMS), or to see if Mailgun can alter what it's sending to only send you what it needs as opposed to the entire email, which may be able to minimize the risk of it being 403'd.
 

smbeadna

Thank you so much for looking into this. Unfortunately Mailgun doesn't have a way to alter the data it's sending. I'm not hosting a forum, CMS, or really anything besides some static pages, some pages that connect to a database, and standard libraries (jquery and bootstrap). That being said, I understand that there's nothing you can do given that premium isn't financially an option I can consider. If you think of any other methods to solve this, let me know. Otherwise, thanks for looking into this and for your response!
 