Dear Discourse, Whenever my post contains the word substring, an error 403 is displayed: [AEA8ED8ADE2D46BFA0B1806DA242E04F] For the time being, I just used sub-string instead, but that’s not a workable solution. You can see my post here . Is there any way to avoid this? I have tried to use all po…

Whenever a post contains "substring" I get a 403 error

Mr.X_Mr.X February 2, 2022, 8:05pm 4

You might have a WAF enabled that blocks XSS attempts and substring is commonly used in the exploit syntax. If you’re using Cloudflare with WAF enabled that would be the cause.

1 Like

Topic		Replies	Views
Discourse Subscriptions (Core) - Server Error while trying to load /s/admin/products Support subscriptions	9	184	July 26, 2025
"Show Full Post" button doesn't work in subfolder installations Support embedding , subfolder	33	430	January 2, 2026
JavaScript embed won’t display embed, console log shows: Failed to execute postMessage on DOMWindow… Support	19	5756	April 26, 2022
Embedding Discourse Comments via Javascript over https Support	3	678	March 1, 2020
Embedding error Support	13	3949	November 21, 2020

Whenever a post contains "substring" I get a 403 error

Related topics