The most likely reason is that your web server has mod_security enabled. The mod_security feature scans all POST requests to the web site for forbidden words or word combinations that might indicate that someone is trying to hack the system.
If any of those words and word combinations exist in the request, Apache returns the 403 Forbidden error. Common phrases that tend to trigger mod_security include curl, wget, set, file(, and system(, although there are many others.
To disable mod_security for your website, follow these steps:
<IfModule mod_security.c>
SecFilterEngine Off
SecFilterScanPOST Off
</IfModule>
If this doesn’t help, contact your server administrator.
Questions & Feedback
Have any questions that weren't answered here? Need help with solving a problem in your online store? Want to report a bug in our software? Find out how to contact us.