Hostinger – Unable to Create Invoices, Product, Estimates – Grow CRM – A Self Hosted CRM & Project Management Software

Issue: Users experiencing 403 Forbidden errors when attempting to create invoices, estimates, or products in Grow CRM when hosted on Hostinger.

Cause of the Issue

This problem typically occurs due to Hostinger’s Content Delivery Network (CDN) security settings. The CDN applies filtering rules (similar to mod_security SecRuleEngine rules) that can mistakenly block legitimate POST requests to your Grow CRM application, resulting in 403 Permission Denied errors when trying to create or modify resources.

Solution

To resolve this issue, you need to adjust the CDN security settings in your Hostinger account. Follow the steps below:

1

Access CDN Settings in Hostinger

Login to your Hostinger hPanel and navigate to Dashboard > Performance > CDN.

2

Manage Your Domain’s CDN Settings

Find your domain in the list and click on the Manage button.

3

Adjust Security Level

Navigate to the Security tab. Change the security level to Low. If the issue persists, set it to Essentially off.

4

Test Your Grow CRM

Return to your Grow CRM application and try creating invoices, estimates, or products again. The issue should now be resolved.

Technical Details

For those interested in the technical aspects of this issue:

The 403 errors occur because Hostinger’s CDN employs WAF (Web Application Firewall) rules that can mistakenly flag legitimate POST requests as potential threats. This is particularly common with forms that contain multiple fields or certain keywords that trigger security rules.

Grow CRM uses complex forms for invoices, estimates, and products that may contain field names or values that trigger these security rules, such as:

Price fields
Tax fields
Product codes and identifiers