jpbroome

Confirmed. Found I could temporarily disable ModSecurity in CPanel for the site and the error/redirect problem went away while saving settings.

Update: It MIGHT be a 403 error related to path security with ModSecurityinstalled on the Apache server.

Snippet of error log:

[Fri Sep 25 20:22:28.132499 2020] [:error] [pid 32542] [client nn.nn.nn.nn:nnn] [client nn.nn.nn.nn] ModSecurity: Warning. Match of “pmFromFile path_excludes” against “REQUEST_FILENAME” required. [file “/etc/apache2/conf.d/modsec_vendor_configs/imunify360-full-apache/004_i360_4_custom.conf”] [line “911”] [id “77140992”] [msg “IM360 WAF: Suspicious access attempt (WP folders)!||SC:/home/xxxxxx/public_html/wp-admin/options.php||T:APACHE||REQUEST_URI:/wp-admin/options.php||PC:731||”] [severity “NOTICE”] [tag “service_i360custom”] [tag “noshow”] [hostname “xxxxxxx”] [uri “/wp-admin/options.php”] [unique_id “abcxyz123”], referer: https://xxxxxxx/wp-admin/admin.php?page=postie-settings

It triggers a 403 error – which mod_rewrite in the .htaccess picks up and tries to redirect to a WP page – which doesn’t exist, resulting in the apparent 404.

Finally tracked it down while searching for “wordpress settings post 404” results on Google and found someone else point to – and solve – the problem by getting their host to tweak their ModSecurity setup.

I commented out my .htaccess url rewrite settings for a few tests and hit upon the 403.

Having the same issue as described here. All other WP Settings & Plugin Settings pages save, but the Postie settings page seems to post back to a page that results in a 404 (handled by WP).

There’s no special .htaccess settings on this site.

I noticed on a couple other plugin settings pages that they don’t specify an action url/destination in their config page’s form tag, while Postie does.

Any help possible would be appreciated.