ModSecurity Preventing WordPress Save Function
Hi, I am having issues with ModSecurity and the save function on WordPress websites. When I activate "Do Not Process the Rules" under "Rules Engine" then WordPress saves without a problem. Looking at other posts I didn't seem to find a resolution. I did see someone from cPanel ask a user "If you go WHM>>Security Center>>ModSecurity>>Vendors do you still have the Imunify vendor present?" In my case the answer is no. If you believe this is my issue please let me know how to install this. It looked fairly simple but I wanted to be sure this is ok to do before I researched it and just installed it not fully understanding what I was doing. TIA!
In the instance where I was referencing Imunify, the user was receiving an error specific to Imunify. In this case, what is the error you're getting in the Apache error logs from mod_security when WordPress saves?
Thank you for the reply. There doesn't seem to be any errors being recorded, the save function never seems to actually fail. The circle next to the save button just keeps spinning. The only two errors I see being recorded are these: [Wed Mar 25 05:59:35.242661 2020] [authz_core:error] [pid 30333:tid 47319667623680] [client 74.124.211.139:55464] AH01630: client denied by server configuration: /home/nhwh468702/public_html/.user.ini, referer:
Neither of those is related to the issue you're experiencing, I don't believe. I was looking for the output from mod_security specifically to identify what rule is being hit. You can also see this at WHM>>Security Center>>ModSecurity Tools
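Added example, not part of the thread and not cPanel or ModSecurity code: a small Python parser for the "ModSecurity:" lines in the Apache error log that groups them by unique_id and reports, for each denied request, the rule that denied it and the rules that only warned. The sample lines are constructed in the ModSecurity 2.x error-log layout; the addresses, hostname, URIs, file paths and unique_ids in them are placeholders.

```python
import re

# Constructed sample in the Apache error-log layout written by ModSecurity 2.x.
# Addresses, hostname, URIs, file paths and unique_ids are placeholders, not from the thread.
SAMPLE_LOG = r'''
[Wed Mar 25 06:01:12.104512 2020] [authz_core:error] [pid 30333:tid 47319667623680] [client 203.0.113.10:55464] AH01630: client denied by server configuration: /home/exampleuser/public_html/.user.ini
[Wed Mar 25 06:01:13.220145 2020] [:error] [pid 30333:tid 47319667623680] [client 203.0.113.10:55470] [client 203.0.113.10] ModSecurity: Warning. detected XSS using libinjection. [file "/path/to/rules/REQUEST-941-APPLICATION-ATTACK-XSS.conf"] [line "37"] [id "941100"] [msg "XSS Attack Detected via libinjection"] [severity "CRITICAL"] [hostname "example.com"] [uri "/wp-json/wp/v2/pages/12"] [unique_id "TXN-A"]
[Wed Mar 25 06:01:13.220981 2020] [:error] [pid 30333:tid 47319667623680] [client 203.0.113.10:55470] [client 203.0.113.10] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/path/to/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "93"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [hostname "example.com"] [uri "/wp-json/wp/v2/pages/12"] [unique_id "TXN-A"]
[Wed Mar 25 06:02:40.551207 2020] [:error] [pid 30334:tid 47319667623681] [client 203.0.113.20:41022] [client 203.0.113.20] ModSecurity: Warning. Pattern match at REQUEST_HEADERS:Host. [file "/path/to/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "708"] [id "920350"] [msg "Host header is a numeric IP address"] [severity "WARNING"] [hostname "203.0.113.20"] [uri "/"] [unique_id "TXN-B"]
'''

# ModSecurity appends its metadata as [key "value"] pairs after the message text.
TAG_RE = re.compile(r'\[(\w+) "([^"]*)"\]')

def parse_modsec_line(line):
    """Return the ModSecurity fields of one log line, or None if it is not a ModSecurity line."""
    if "ModSecurity:" not in line:
        return None
    body = line.partition("ModSecurity:")[2]
    fields = dict(TAG_RE.findall(body))
    fields["action"] = "denied" if body.lstrip().startswith("Access denied") else "warning"
    return fields

def rules_behind_blocks(log_text):
    """For every denied transaction return (uri, denying rule ids, warning-only rule ids)."""
    by_txn = {}
    for line in log_text.splitlines():
        fields = parse_modsec_line(line)
        if fields and "unique_id" in fields:
            by_txn.setdefault(fields["unique_id"], []).append(fields)
    report = []
    for hits in by_txn.values():
        denied = sorted({h["id"] for h in hits if h["action"] == "denied" and "id" in h})
        if not denied:
            continue  # the request was logged but not blocked
        warned = sorted({h["id"] for h in hits if h["action"] == "warning" and "id" in h})
        report.append((hits[0].get("uri", "?"), denied, warned))
    return report

if __name__ == "__main__":
    for uri, denied, warned in rules_behind_blocks(SAMPLE_LOG):
        print(f"{uri}: denied by {denied}, contributing warnings {warned}")
```

With the OWASP CRS in anomaly-scoring mode the denying rule is usually the score check (949110), so the warning IDs in the same transaction are the ones to review.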
Just checked it, says the hits list is empty.
If you go to WHM>>Security Center>>ModSecurity Configuration, what is set for Audit Log Level?
That is set to: "Only log noteworthy transactions."
Ok, that's the default which is good but that also is interesting as any hits you get on ModSecurity rules (i.e., if it blocks access to something) should be logged in the audit log as well as in the hits list. Are you using the default OWASP vendor as well? If so you may want to open a ticket so that we can look into the issue further and identify what rule is being matched that's blocking WordPress from saving. Thanks!
I am using the CP OWASP core rule set and ConfigServer cXs
If it's of any help I just noticed that it seems to be working on some WordPress sites but not a newer install of WP. It won't even allow changes to a web page unless I turn off the rules.
On the WordPress forum someone mentioned the solution below but I wasn't able to find the etc/apache2/apache2.cnf file. I found the etc/apache2/ folder but that's where I hit a dead end....

This problem definitely looks like a permission problem. If you are using an Apache2 server in a Linux OS you should take a look at the server permissions. To solve this issue you should edit your /etc/apache2/apache2.conf and set the AllowOverride of the directory /var/www to All. It should look like this:

    Options Indexes FollowSymLinks
    AllowOverride All
    Require all granted

After that run:

    sudo systemctl restart apache2 && sudo a2enmod rewrite

And restart again:

    sudo systemctl restart apache2

If you need more details, this is a helpful (and simple) tutorial: