Sitewide-403 lockout

Yesterday at about 5 PM we started having a 403 error at our site which locks out everyone. We were not doing anything unusual at the time to cause this. So far we have not found a solution. Looking in the forum here we found that Mod Security sometimes can cause 403 errors with s2Member, but our server does not have Mod Security installed, so that’s not the problem. Where do we go from here?

Have you tried disabling s2Member to confirm that it’s actually the s2Member plugin causing the problem (make sure Deactivation Safeguards are enabled before disabling: Dashboard -› s2Member® -› General Options -› Deactivation Safeguards)? I’ve never heard of s2Member spontaneously causing a site-wide 403 lockout, so I suspect there might be something wrong on your server and if that’s the case, you should contact your web host.

Be sure to check out this article, it might help: Knowledge Base » Mod Security, Random 503/403 Errors

– Eduan

We have a vps with Servant, a very good company. They confirmed that we do not have Mod Security installed on our server, so we know our problem is not related to that. Fortunately, we had already enabled Deactivation Safeguards as recommended, because even admins could not access the site. Using FTP, we disabled all s2Member plugins, and that restored access to us. We then activated s2M framework and that has not caused a problem so far. Of course, we want to activate Pro features, but have waited to see what advice we get from you first, in case there is anything else we must do before reactivating Pro.

I’m glad you restored access to your site.

Could you please contact your hosting company asking them about their logs, to find out if they have more info on the 403s? Like what URLs were triggering them.

Thanks!