Hosts mod_security problem with wordpress….

  • Hi, I really need some help here, please can somebody answer.

    I got an e-mail today from my Host, telling me that some script on wordpress is causing errors in their mod_security rules. According to my host this is what they sent me was the problem

    —————————————————————-
    mod_security has certain rules for the words “pattern” used in online CMS and requested URL’s.
    If any pattern match with the requested URL under your site or any online CMS try to put the words “Pattern” to Database . mod_security deny the access to it. Most of the CMS put the data in the Ddabase and edit / delete record from database and really need the mod_security disable.
    We cannot modify the mod_security rules on shared server however can disable mod_sec for your site.

    —————————————————————–

    Does anybody have any ideas about what this is about? I just dont understand what they are talking about, and why wordpress should have raised this alarm.

    Please can somebody help, its really important. If its not sorted, they already turned off mod_security without discussing it with me, and I only discovered that when i asked them about it. They turned it back on at my insistence, but have threatened to turn it off again, if I dont get it sorted. This will leave my site open to attack.

    Thank you.

    John.

Viewing 3 replies - 1 through 3 (of 3 total)

  • Try adding this in a .htaccess file in the wp-admin/ folder, NOT in the root!

    <IfModule mod_security.c>
SecFilterInheritance Off
</IfModule>

    And if WP is causing “problems” for your host… get a decent host urgently!

    Thread Starter jakewc2

    (@jakewc2)

    And if WP is causing “problems” for your host… get a decent host urgently!

    Unfortunately, its not as easy as that. I also run a MODX CMS, and from what I can gather, its the same on that, its a recognised problem which nobody has been able to find a work around, on any host.

    Thank you for the help, I really appreciate it.

    Thread Starter jakewc2

    (@jakewc2)

    just a thought, it could a reason why some people here are getting unresolved error 404 messages on hosted servers.

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Hosts mod_security problem with wordpress….’ is closed to new replies.