Buy

Books
Click images for more details

Support

 

Twitter
Recent comments
Recent posts
Currently discussing
Links

A few sites I've stumbled across recently....

Powered by Squarespace

Discussion > Random 403 errors

Here are the two I have recently received, on my first post (though cannot remember if I previewed both times, though I definitely did for the first, and I will not for this):

403 Forbidden
0OztaHIR/KvE3LSnY @ Tue, 24 Nov 2015 19:32:35 GMT
SEC-61

403 Forbidden
9fOobZCI/dVDaU8mT @ Tue, 24 Nov 2015 19:35:19 GMT
SEC-61

Nov 24, 2015 at 8:00 PM | Registered CommenterRadical Rodent

So as my good friend RR so succinctly proves: demands for a screen grab with the error message are totally meaningless.

Nov 24, 2015 at 8:32 PM | Registered CommenterMike Jackson

In his original "403 errors" thread, Andrew said:
If anyone wants to contact Squarespace direct, email customercare@squarespace.com and quote ticket no 791514
Nov 7, 2015 at 10:49 AM | Registered CommenterBishop Hill

__________________________________________________________________
With that generic authorisation to contact Squarespace, I emailed Squarespace today saying:

Dear Squarespace Customercare,
(...)
This is a significant problem in view of:

1. The length of time it has been affecting users (now longer than two weeks).
2. The fact that, once the problem appears, the commenter can no longer post comments, sometimes for the rest of the day, so that it prevents discussion.
3. The number of commenters affected (many, possibly all, users of this blog).

It is all made worse by the fact that:
A. The problem has apparently been caused by Squarespace itself implementing a badly thought out hack to try to prevent spam.
B. Squarespace seems to be floundering without any organised plan to investigate and resolve the problem.
(...)
Please forward this email to the Escalation Manager with reponsibility for this ticket and confirm that you have done this. (blah blah)

Thank you for your help
Regards

__________________________________________________________________
I got a quick reply saying:

Hello Martin,
Thanks for reaching out to us on this.
Per your request, I'm going to share this case with a Team Lead for review.
(...)
All the best

__________________________________________________________________
Later I got an email saying:
Hey Martin,

My name is Craig and I'm a Team Lead here at Squarespace and your case was assigned to me for review, so I'd be happy to follow up here with some additional info.

We've recently been made aware, by the site owner, of the issue you're experiencing on http://bishophill.squarespace.com. This was related to a high volume of comments being posted in a short space of time, which was triggering our AbuseFilter for Squarespace 5 (V5) and preventing some user comments from being posted.

We can certainly understand the frustrations this might have caused, especially when content is being lost after spending time typing it out. Our engineers have been working on this since it was initially reported, to tweak the rules of our filter and ensure that we don't just open the floodgates to spam. We also want avoid false positives, which requires a lot of rule changes in the filter's code and testing on our end before we release it into the wild.

To remedy the issue and prevent future instances of this arising on sites with a higher than average comment volume, we've modified our rate limits which have now been applied to all V5 sites, effective immediately. We've modified it so that users can post more comments in a shorter space of time, while still actively trying to avoid false positives. We've also lengthened the time window limits in certain cases, so we can be confident the system isn't being used in a way that it wasn't designed for (user spam, spam bots, etc.).

You should notice a difference immediately however, do let us know if you encounter the same or similar errors in the future and provide us with as much relevant information as possible, such as screenshots, how often it happened, the steps you took to replicate it, etc. Any additional info that can be provided in these cases can help us get to the root of it and ultimately prevent any further issues that may arise.

We appreciate you bringing this to our attention once again, and you should now be able to post comments without issue. If you have any follow up questions or concerns, please don't hesitate to get back in touch and we'll be happy to help.

Kind Regards,
Craig

________________________________________________________________

Somehow I feel less than 100.00% confident....

___________________________________________________________________
I reviewed the above, did a preview, corrected it, did a preview and......

403 Forbidden
0QfWMA4M/1l5vMTF6 @ Tue, 24 Nov 2015 21:06:09 GMT
SEC-61

Haha

Nov 24, 2015 at 9:21 PM | Registered CommenterMartin A

After one preview:
403 Forbidden

6QWdjlgf/M1WmFj7M @ Wed, 25 Nov 2015 12:14:20 GMT
SEC-61

=========================
After waiting one minute, deciding whether to reboot, etc etc, I went for 'just try it again, straight away', so I tried it again, and IT WORKED!

I had a spate of 403's, for a couple of days, then it was OK for a few days. Although I did fewer reviews, I did do a one or two, but I think the most was one review before committing.

Nov 25, 2015 at 12:24 PM | Registered CommenterRobert Christopher

MJ: thanks. Not too sure about the "good" bit, though...

Nov 25, 2015 at 12:42 PM | Registered CommenterRadical Rodent

I can understand why multiple posts triggers it but the Preview and Make Changes shouldn't add to that total.

Nov 25, 2015 at 1:19 PM | Unregistered CommenterTinyCO2

Thanks for reaching out to us on this.
Per your request, I'm going to share this case with a Team Lead for review.
Pass the sick bag, Deirdre! Do these people never speak plain English? Going forward?

Nov 25, 2015 at 8:58 PM | Registered CommenterMike Jackson

Following up, I had an email reply from Squarespace asking me to do a whole lot of things to give them information.

I feel these are things they should be doing but I'll go ahead anyway and answer their questions as best I can. This may involve my attempting many trial postings on this thread....

Nov 25, 2015 at 9:03 PM | Registered CommenterMartin A

...the system isn't being used in a way that it wasn't designed for (user spam, spam bots, etc.).
Do spam bots really use "Preview" these days? They're smarter than I thought!

Nov 25, 2015 at 9:51 PM | Unregistered CommenterRaff

changed IP address

Nov 25, 2015 at 10:00 PM | Registered CommenterMartin A

posting new posting after a 403 due to a preview

Nov 25, 2015 at 10:02 PM | Registered CommenterMartin A

posting another new posting after a 403 caused by preview

Nov 25, 2015 at 10:03 PM | Registered CommenterMartin A

#1

Nov 25, 2015 at 10:05 PM | Registered CommenterMartin A

I have had some exchanges with Squarespace, including providing them with details of how the 403 problem manifests itself.

This evening I had a long reply to a critical message I sent then but which finished with the lines...

On a more positive note, I'm happy to report that they've now located what's causing the 403 error under the conditions described in your follow ups, so thank you for cooperating and for doing the testing requested, it's been most helpful.

What they will do now is work on making changes to how previews and edits are treated on the backend and adjust them accordingly in order to put this to bed. I'll follow up with you directly as soon as this update has been pushed through and then get confirmation that there's no further instances of this happening on the site.

I'll be out of office for the weekend so I'll check back in with you on Monday once I have some further information to provide.

While I tend to believe things when I actually see them, there does seem to be some reason to hope/expect that the BH site will soon be functioning correctly again..

Nov 27, 2015 at 8:59 PM | Unregistered CommenterMartin A