I'm using this tool on multiple sites that I host, and I'm only having this problem on one of my sites. I initially ran into it after installing a new slide show component as I was able access the component, but when I went to add images to the show I would receive the error screen. So I was going to uninstall/re-install my slide show, but I received the 403 error on the component uninstall page. I have since backed up my database, and files, wiped the Joomla install, re-installed everything, and restored my database. I can now get to the component uninstall/re-install; however, I continued to receive the same error. I have now turned on all 4 component exceptions I can find for the specific component and that fixed the problem for that specific component, but I thought the exceptions were supposed to be for the front end... So tonight, thinking that all my problems were gone because of creating the exception for that component I went in to create a new section and categories, only to receive the exact same error again! I could semi understand having this issue if "Lock-Down" was engaged, but I have it disabled... Since I now have access to the component uninstall/install I thought I would uninstall RSFirewall at least temporarily; however, both my front end and administration pages now display error messages pertaining to RSFirewall not being installed! Has RSFirewall completely hosed my database? Remember Lockdown is turned off, and the problems I'm having on this one site are not being experienced on the other sites that I host on the same server in the same account... Thank you for any input that you can offer.
(PS I'm submitting this through my access to support from RS as well, hopefully between the two I can find an answer.)

This is the resolution:


The problem is generated by a combination of factors. First:
[url]
http://www.site.com/administrator/index.php?option=com_imageshow&controller=selectsource&showlist_id=5
[/url]

... you can notice that in the above URL a keyword is used "select". This triggers the attention of the RSFirewall! component but this is further analyzed. To determine if this is a malicious intention it checks for a table prefix... and thus the second issue - you do no have a database prefix configured. It is best to set a database prefix. But caution should be taken when performing this.

A way around this would be to set RSFirewall! to skip this component when performing SQL injection verifications: Components > RSFirewall > Configuration > Active scanner : Skip the following components when verifying for SQL injections.