WordPress blog posts with certain words in them can sometimes be blocked or fail mysteriously. Sometimes the offending word is silently removed from the post; other times the post fails with an HTTP error. Here’s a description of one possible cause, together with a useful workaround in case this problem happens to you. The problem could actually affect any blog platform or pretty much any other web application, not just WordPress.<\/p>\n
If I try to write a WordPress blog post containing the word “python” followed by a space, I get an HTTP error page. The error is “403 – Forbidden”. After a bit of experimentation I have found that the “python” can be in any case, and that it’s only a problem if followed by a space.<\/p>\n
By some coincidence, I recently read about a similar mysterious bug<\/a> on the WordPress support forum. The problem seems to be caused by over-zealous mod_security<\/a> rules. It looks as if my web host is using mod_security to block any HTTP POST that appears to contain a Python<\/a> command. Even if it’s only me trying to write a blog post about scripting languages.<\/p>\n Even though my problem was with the word “python”, the forum post mentions similar problems with the words “compress” and “curl”. It just depends on what rules your web host has implemented.<\/p>\n I know better than to try to get my host to change their rules — it would take a bit of time, and there’s a workaround anyway. Just add some obfuscatory HTML to avoid triggering the rule. My first attempt was this:<\/p>\n “ This works fine, but unfortunately WordPress actually translates the So here’s the best solution I found.<\/p>\n “ Note that you have to be in the code editor (not the visual editor) in WordPress to enter the < and > characters. Using this trick you can talk about Python<\/span> just as much as you want, and edit your posts too. And this solution is completely general; you can write WordPress blog posts with certain words in them can sometimes be blocked or fail mysteriously. Sometimes the offending word is silently removed from the post; other times the post fails with an HTTP error. Here’s a description of one possible cause, together with a useful workaround in case this problem happens to you. The problem […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[13],"tags":[2,18,83],"class_list":["post-101","post","type-post","status-publish","format-standard","hentry","category-wordpress","tag-coding","tag-web-development","tag-wordpress"],"_links":{"self":[{"href":"https:\/\/thunderguy.com\/semicolon\/wp-json\/wp\/v2\/posts\/101","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/thunderguy.com\/semicolon\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/thunderguy.com\/semicolon\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/thunderguy.com\/semicolon\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/thunderguy.com\/semicolon\/wp-json\/wp\/v2\/comments?post=101"}],"version-history":[{"count":0,"href":"https:\/\/thunderguy.com\/semicolon\/wp-json\/wp\/v2\/posts\/101\/revisions"}],"wp:attachment":[{"href":"https:\/\/thunderguy.com\/semicolon\/wp-json\/wp\/v2\/media?parent=101"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/thunderguy.com\/semicolon\/wp-json\/wp\/v2\/categories?post=101"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/thunderguy.com\/semicolon\/wp-json\/wp\/v2\/tags?post=101"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}Python <\/code>”<\/p>\n <\/code> into a space. Later, if I edit the post and try to save, mod_security blocks it again. I have to manually replace the space with a  <\/code> again.<\/p>\nPython<span><\/span> <\/code>”<\/p>\ncom<span><\/span>press<\/code> or cu<span><\/span>rl<\/code> or whatever other forbidden word you like.<\/p>\n","protected":false},"excerpt":{"rendered":"