This could be a server config issue, or it could be a database issue.
We just migrated our site to a new server.
I have a script called signin.php which displays a user-sign-in form, which in turn posts data to itself. When the data is posted to itself the server returns the 403 error. So to be really clear, it works if you just visit signin.php and does not give an error, but when it posts data to itself it then gives the error.
I’ve done some process of elimination and it turns out my password text input field was aptly named “user_password” and when I changed this to “user_password_asdf” the script began working properly again. The people we pay to host our site tells me this is probably some mysql level security stuff.
I’ve never seen an issue like this in my life and even though I’ve built a work-around for it, I’m really curious to know what might actually be going on.