403 error in chrome with empty search string

I stumbled across something rather odd. In chrome, if I use a search field and click the “Search” button without any search terms and the search string ends up being empty, chrome throws a 403 error. In firefox, this doesn’t happen and the “no results found” page appears normally. :confused:

Here’s the relevant apache access logs: - - [23/Oct/2012:09:26:34 -0400] "GET /?s= HTTP/1.1" 200 36578 "http://test.mydomain.org/" "Mozilla/5.0 (Windows NT 6.1; rv:15.0) Gecko/20100101 Firefox/15.0.1" - - [23/Oct/2012:09:26:57 -0400] "GET /?s= HTTP/1.1" 403 376 "http://test.mydomain.org/" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.4 (KHTML, like Gecko) Chrome/22.0.1229.79 Safari/537.4" - - [23/Oct/2012:09:35:11 -0400] "GET /?s= HTTP/1.1" 403 376 "http://test.mydomain.org/" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.4 (KHTML, like Gecko) Chrome/22.0.1229.94 Safari/537.4"

The first entry is firefox. The following two are Chrome.

Any ideas?

Can you confirm that if your supply a search value it works for both browsers.

You are using a GET. A form would normally be transmitted as a POST.

If I supply search terms, everything works fine in both browsers.

Normally, yes, most forms are POST. But in wordpress, the search form is typically GET in order to use pagination links.

[edit]: IE9 behaves in the same manner as chrome.

Is it possible to see the page causing the problem on the web?

I would have though that there must be a difference between the two requests. It is very unlikely that the server side code would have a browser dependency in it.

I did some more troubleshooting, and found the source of the problem. It was an entry in the htaccess file generated by the Better WP Security plugin, which is intended to prevent various known hacking attempts.

This is the line in question:


RewriteCond %{QUERY_STRING} ^.*(\\[|\\]|\\(|\\)|<|>|ê|"|;|\\?|\\*|=$).* [NC,OR]

I revised it so that empty query variables were permitted:


RewriteCond %{QUERY_STRING} ^.*(\\[|\\]|\\(|\\)|<|>|ê|"|;|\\?|\\*$).* [NC,OR]

I also posted about it in the plugin’s discussion forum: