ModSecurity to disable for Wordpress
Hello,
ModSecurity ban user who use Wordpress admin editing, What is the list of rules to disable in ModSecurity?
Thanks
-
Hey there! I'm not sure if there is a one-size-fits-all solution to this problem. Some people have run into issues with the auto-save feature as mentioned here: You can also whitelist a certain IP address, such as the home IP of the site admin: 0 -
I can provide you the list we use for our wordpress clients but I agree with cPRex that it is better to audit the logs. Below is based on 3 months observations since 2023 on our new Cloudlinux server with 800 plugins spread between the accounts. We have not had any new incidents for a few months now. 942100, 942140, 942190, 941100, 941110, 941120, 941130, 941140, 941160, 941170, 941180, 941210, 921110, 921130, 980130, 930100, 930110, 920120
0 -
I"ve same issue. I need to disable mod_security on whole server because client facing issue. Some client facing post save issue. Some client facing 404 error. Some facing ajax error in plugins. Which rules are creating issue. What should we have to do. I"m using imunify360 & Cloudlinux. Is it safe to disable mod security on whole server? 0 -
Thank you! This is my whitelist: 300013 300015 300016 300017 942100 942140 942190 941100 941110 941120 941130 941140 941160 941170 941180 941210 921110 921130 980130 930100 930110 920120 949110 980130 Anyhting to add or to remove? 0 -
Done thanks. 0
Please sign in to leave a comment.
Comments
8 comments