WiscWeb WordPress Service

Modsecurity Error: Action Denied

You are receiving this error because an action you were taking has triggered Modsecurity on the website.

I was submitting a form…

If you were submitting a form when you saw this error, something you entered into the form is being flagged as a potential hacking attempt. Review the suggestions below and then press the back button in your browser to to adjust and re-submit your form.

  1. Make sure you are not copying and pasting in form content from an external source like Microsoft Word. Try manually typing in the content or using a text-only editor like Notepad (make sure you are using plain text). Externally copied content can carry invisible code that triggers Modsecurity.
  2. Omit special characters from your form fields (examples: percentages %, double quotes ” “, single quotes ‘ ‘, and pipes |). Modsecurity flags these characters. Try using standard letters/words rather than these special characters.
  3. Omit mathematical expressions from your form fields. (example: “1 and 1-1”). Modsecurity flags these characters. Try rephrasing input that includes numbers and logical key words.

If you continue to see this error and are unable to submit your form, please contact the support email for the site containing the form. The contact information will be listed at the bottom of the form website. Please include a screenshot of the content you were attempting to submit in the form, if possible – this will help with troubleshooting.

I created a form…

If one of your users is getting this error when submitting a form, please try:

  1. Having your user review the information above and try revising and re-submitting the form.
  2. Reviewing your form fields. Certain form fields can trigger the Modsecurity response when paired with special characters. For example, parentheses ( ) do not work well when placed in a radio button or checkbox list.

I was updating a page…

If you were updating a page when you saw this error, something you entered onto the page is being flagged as a potential hacking attempt. Review the suggestions below and then press the back button in your browser to adjust and re-publish your page content.

  1. Make sure you are not copying and pasting in form content from an external source like Microsoft Word. Try manually typing in the content or use the “Paste as Text” button in the WYSIWYG editor. Externally copied content can carry invisible code that triggers Modsecurity.
  2. If you are trying to include code examples on the page, switch to text view and wrap your content in <code> tags.
    Example: <code>here is my code</code>

If you continue to see this error and are unable to update your page, please reach out via help@doit.wisc.edu. Include a full description of your issue, as well as your website URL.

I was doing something else…

If this error shows up and you weren’t submitting a form or editing a page, please reach out via help@doit.wisc.edu. Include a full description of your issue, as well as your website URL.