"403 Forbidden" responses in new Docker installation

New install, Docker image phplist/phplist:3.6.14, dedicated server, self-managed Ubuntu 20.04.6 LTS, Docker version 24.0.2. Server is running behind an instance of NGINX. I can supply version in PM if its relevant.

The problem is very much as described in

Basically, trying to create a new campaign. When I try to “Save as draft”, “Save and continue editing”, send a test message, or use any of the navigation buttons, I get a very sparse page that only says “403 Forbidden”.

403 Forbidden page:

Issue 9261 is relevant to the conversation.

After reading issue 9261, I removed all html from all form fields. Once I do that, I get no 403 response. The conversation suggests that security/antimalware modules might be causing the issue and specifically mentions apache mod_security and Wordpress Wordfence. There is no Wordpress in the environment. The Docker image as downloaded from Docker Hub contains both phpList and Apache. I haven’t done anything to change the shipped Apache configuration, but in any case mode_security doesn’t seem to be present in the image. (I checked by running apachectl -M within the running container.)

Of course, I need to be able to embed html in the message, footer, etc. What might I do to figure out where my installation is misconfigured (or is this a bug)?

It looks like the problem is caused elsewhere in our infrastructure. Likely a firewall issue. I haven’t found it yet, but I don’t think that y’all can help with this.

Thanks for reading!