I thought I'd post this issue here in case someone else faced the same thing and might find it on a search:
I was getting an instant 403 Forbidden error when trying to put up a new post or preview it. My blog is on shared hosting on Hostgator. Fortunately, I remembered a similar mysterious 403 issue that happened with my PHPBB board. It turned out then that something about the way Hostgator has set up ModSecurity had caused BBS posts to go 403 if they had email addresses in them. So posts with email@email.com would toss a 403. The only way to deal with it was to de-activate modsecurity in that directory through htaccess:
SecFilterEngine Off SecFilterScanPOST Off
Remembering this, I did the same thing with my MT directory, and voila, no more 403.
My question for the aficionados here is does anyone know if this exposes me in any way? Many thanks.
Reported on Movable Type 4.2
thanks I had the same issue with putting /etc/passwd in a post. you saved me a lot of frustration I think.