Allow WooCommerce upload CSV on GridPane

Table of Contents

The Issue

If you have a firewall enabled (like 7G), it may block the products from getting imported (from a csv file) with a 403 Forbidden error.

Sample URL of the 403 Forbidden page:

https://example.com/wp-admin/edit.php?post_type=product&page=product_importer&wc_onboarding_active_task=product-import&step=mapping&file=/var/www/example.com/htdocs/wp-content/uploads/2021/11/sample_products.csv&delimiter=,&_wpnonce=ed1ecef18b

When this happens open your site customizer in your GridPane account, go to 6G WAF/7G WAF under the Security tab, and open the Log file.

Look for a line like this:

[30/Nov/2021:22:55:19 +0100] [":bad_request_25:"] xx.xxx.xx.xxx example.com "GET /wp-admin/edit.php?post_type=product&page=product_importer&wc_onboarding_active_task=product-import&step=mapping&file=/var/www/example.com/htdocs/wp-content/uploads/2021/11/sample_products.csv&delimiter=,&_wpnonce=ed1ecef18b HTTP/2.0" 403 0.000 "https://example.com/wp-admin/edit.php?post_type=product&page=product_importer&wc_onboarding_active_task=product-import" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:95.0) Gecko/20100101 Firefox/95.

What you are particularly looking for in the above is the number in bad_request_25, 25 in this example.

Now we have to do the following steps to create a rule to exclude the above.

Connect to your site

Connect to your server using SSH via Terminal and run the following commad while replacing example.com with your site’s domain:

nano /var/www/example.com/nginx/woo-whitelist-7g-context.conf

Paste

Inside this file paste the following

set $exclusion_rule_match "";
if ( $args ~* ^post_type=product&page=product_importer ) {
 set $exclusion_rule_match 25;
}
if ($bad_request_7g = $exclusion_rule_match) {
 set $7g_drop_bad_request 0;
}

In the above replace 25 with the bad request number.