I’m using s2Member Pro – what an awesome plugin!
I’m developing a new site for my customer in a directory called public_html/dev/.
When I’m logged in as Administrator->Users->List Users (at /dev/wp-admin/users.php), when I click to “edit user” I get the following error:
“You don’t have permission to access /dev/wp-admin/user-edit.php on this server.
Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.”
If I remove the &wp_http_referer=%2Fdev%2Fwp-admin%2Fusers.php from the URL it sent me to, then it works fine.
A similar bug (adding referrer URL to the admin link) affects the default mysite.com/wp-admin page as well as the search feature inside the administrator. Again, if I strip the “&wp_http_referrer=blah-blah-blah” from the URL showing the 403 error, it works fine.
Here is what Apache’s error log shows:
[Tue Feb 19 22:22:52 2013] [error] [client 75.65.16.53] ModSecurity: Access denied with code 403 (phase 2). Match of “rx (alt_mod_frameset.php|checkout_shipping.php|^/components/com_zoom/etc/|/admin\\.swf\\?nick=|/editor/filemanager/browser/default/browser\\.html\\?(type=image&)?Connector=\\.\\./\\.\\./connectors|phpthumb/phpthumb\\.php\\?src=\\.\\./\\.\\./uploads|^/etc/ …” against “REQUEST_URI” required. [file “/usr/local/apache/conf/mod_sec/mod_sec.asec.conf”] [line “235”] [id “340009”] [rev “35”] [msg “Atomicorp.com – – WAF Rules: Protected Path Access denied in URI/ARGS”] [data “/dev/”] [severity “CRITICAL”] [hostname “oandpbilling.com”] [uri “/dev/wp-admin/user-edit.php”] [unique_id “USRPnGylFw4AAHfObXsAAAAH”]
[Tue Feb 19 22:22:52 2013] [error] [client 75.65.16.53] File does not exist: /home/opbill/public_html/403.shtml, referer: http://oandpbilling.com/dev/wp-admin/users.php
[Tue Feb 19 22:22:52 2013] [error] [client 75.65.16.53] ModSecurity: Audit log: Failed to lock global mutex: Permission denied [hostname “oandpbilling.com”] [uri “/dev/wp-admin/user-edit.php”] [unique_id “USRPnGylFw4AAHfObXsAAAAH”]
[Tue Feb 19 22:22:52 2013] [error] [client 75.65.16.53] ModSecurity: Audit log: Failed to unlock global mutex: Permission denied [hostname “oandpbilling.com”] [uri “/dev/wp-admin/user-edit.php”] [unique_id “USRPnGylFw4AAHfObXsAAAAH”]
Any help here? I’m stumped.
This topic was modified 3 years, 10 months ago by Ray Rico. Reason: added apache error log output