Pratish Kumar » Wordpress » Your submission failed. The server responded with (code ). Please contact the developer of this form processor to improve this message. WordPress AMP Error

Your submission failed. The server responded with (code ). Please contact the developer of this form processor to improve this message. WordPress AMP Error

4.5/5 (2 ratings)

Here is the solution to fix the issue “Your submission failed. The server responded with (code ). Please contact the developer of this form processor to improve this message. Learn more” on a WordPress AMP blog website.

Screenshot of the WordPress AMP Website Error

Your submission failed. The server responded with (code ). Please contact the developer of this form processor to improve this message. WordPress AMP Website Error.

Cause of Error

This error is actually a mod security issue. You need to contact your hosting provider to fix it. If you have access to hosting or server settings file, then follow the below steps. If you don’t have access, then send this link to your web hosting vendor or server administrator so that they can help you to fix the problem.

Error in Mod Security Log

[Wed Sep 13 14:20:10.327167 2023] [:error] [pid 2188906:tid 139717928527616] [client 157.44.193.131:49264] [client 157.44.193.131] ModSecurity: Access denied with code 403 (phase 3). Match of "validateByteRange 0-31" against "ARGS:comment" required. [file "/usr/local/apache/modsecurity-cwaf/rules/30_Apps_OtherApps.conf"] [line "6640"] [id "243420"] [rev "4"] [msg "COMODO WAF: Information disclosure vulnerability in Eclipse Jetty before 9.2.9.v20150224 (CVE-2015-2080)||www.pratishkumar.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.pratishkumar.com"] [uri "/wp-comments-post.php"] [unique_id "ZQF3wnCvbjH0-Rufr7IXRAAAAMg"], referer: https://www.pratishkumar.com/dst-root-ca-x3-expired-september-2021/

Complete Solution to Fix the WP AMP Error

Here is the DIY solution on how to fix this problem.

Certainly, to allowlist the __amp_source_origin query parameter and address the specific ModSecurity rule violation, you can add a rule to your ModSecurity configuration. In this case, you want to add __amp_source_origin to the allowlist while still considering the existing rules. Here’s how you can do that:

# Add the __amp_source_origin query parameter to the allowlist
SecRule REQUEST_URI|ARGS_NAMES|ARGS:__amp_source_origin "@streq __amp_source_origin" \
    "id:243421,phase:1,pass,nolog,ctl:ruleRemoveById=243420"

# Existing rule (the one that triggered the error)
SecRule REQUEST_URI|ARGS_NAMES|ARGS:comment "validateByteRange 0-31" \
    "id:243420,phase:3,t:none,t:urlDecodeUni,t:normalizePath,block,msg:'Access denied.'"

# Any other rules you may have

Explanation of the rules:

  1. The first rule allows requests where the __amp_source_origin query parameter exactly matches __amp_source_origin. It uses the @streq operator for an exact string match. This rule passes the request without logging (pass,nolog) and also removes the rule with ID 243420 (the one that triggered the error) from the processing chain using ctl:ruleRemoveById=243420. This effectively whitelists the __amp_source_origin parameter while still considering the existing rule.
  2. The second rule represents the existing rule (the one that triggered the error). This rule remains in place but is no longer enforced for requests that contain the __amp_source_origin parameter because it was removed by the first rule.

Make sure to place these rules in your ModSecurity configuration appropriately and test thoroughly to ensure that they work as expected. Adjust them based on your specific ModSecurity setup and security requirements.

Quick Fix

If you are using custom file for modsecurity, then follow the simple quick fix like what I did.

Edit: /usr/local/apache/modsecurity-cwaf/custom_user.conf

Add the following code into it.

# Put your custom ModSecurity directives here
# Please don't remove this file

# Add the __amp_source_origin query parameter to the allowlist
SecRule REQUEST_URI|ARGS_NAMES|ARGS:__amp_source_origin "@streq __amp_source_origin" \
    "id:243421,phase:1,pass,nolog,ctl:ruleRemoveById=243420"

Save the file, restart ModSecurity, and then Reload Apache Webserver. Your issue will be solved.

If this helps, please don’t forget to share this page. If you have any issues in fixing this WP response code error on amp pages or other pages, please use the comment form below. I will try my level to help you.

About Author: Pratish
Pratish is a Bodybuilder, Programmer, Bodybuilding & I.T. Consultant, Teacher & Founder of many Companies. Need Support? Consult him. View Pratish Profile

Reviews and Discussions

Leave a Review or Reply

Your email address will not be published. Required fields are marked *

Rating

Average rating: 4.5 out of 5 (based on 2 reviews with ratings) Choose a rating for your review, or skip it to post comments, questions or replies. Your Rating: