nnimis

Yes… well, it did the trick finally. Not sure if this is because we are upgrading from previous versions or what, but this code seemed to be generating the HTTP 403 on Ajax calls

Apache 2 on a CentOS dedicated server, hosted on GoDaddy

Hi all! I have faced the same issue this week, plugin Version 6.1.1
I did not have the “Filter Suspicious Query Strings in the URL” options, nor the htaccess file modified.

The solution I have found: comment some plugin code. The file is better-wp-security/core/modules/wordpress-tweaks/config-generators.php
I have commented these lines:
107: $modification .= “\t\tif (\$http_user_agent ~ \”^$\”) { return 403; }\n”;
111: $modification .= “\t\tif (\$invalid_referer) { return 403; }\n”;

Not sure how it blocks request to admin-ajax.php… The config. option affecting this behavior was ‘Comment Spam’ under ‘WordPress Tweaks’ group. I had it disabled tough… but it seemed to be irrelevant. Ajax calls started working again after commenting those lines. Hope it helps!