I was experiencing intermittent 403 errors while testing an API and it turned out that it would happen if the URL happened to have the text '_REQUEST' anywhere in it. I've identified the problem, but cannot find the security mechanism which (stupidly in my opinion) is triggering this behaviour.
I've simplified the initially complex scenario down to this:
mydomain.com/?foo=_REQUEST => causes 403
mydomain.com/?foo=_REQUES = is fine
It's a test host, on Windows 2008 AWS, XAMP 3.2.1, PHP Version => 5.5.3 everything is pretty much out of the box configured for dev.
I read about mod_security, but that's not found in my httpd.conf.
Is this a known PHP security mechanism, or something XAMP has added, or an Apache feature?