Redirect loop after update to WordPress 4.4.1 (wp-admin)

  • After updating from WordPress 4.4 to WordPress 4.4.1 all my WordPress sites started having a redirect loop error during the login process at /wp-admin. I have later discovered that the login process actually worked, but the redirect to the Dashboard isn’t working (this was confirmed by manually changing the URL in the address bar after the error to a valid url).

    In cPanel, we can see the mod_security rule violations for rules #214560 and #214940:

    214560: COMODO WAF: Potential Obfuscated Javascript in Output – Excessive fromCharCode Hide
    Request: GET /wp-admin/
    Action Description: Access denied with code 403 (phase 4).
    Justification: Pattern match “(?i)(String\\.fromCharCode\\(.*?){4,}” at RESPONSE_BODY.

    214940: COMODO WAF: Outbound Points Exceeded (points 5) Hide
    Request: GET /wp-admin/
    Action Description: Warning.
    Justification: Operator GE matched 4 at TX:outgoing_points.

    The workaround is to login using /wp-admin/index.php

Viewing 2 replies - 1 through 2 (of 2 total)
  • Moderator t-p

    (@t-p)

    This is from the Master List 4.4:

    cPanel users may find wp-admin blocked due to a recent update to their server’s mod_security rules. Preliminary reports suggest rules #214620 and #214940 are to blame. Please contact your hosting provider if you encounter this.

    Thread Starter mcpacific

    (@mark_cox)

    @tara

    It is a problem with the cPanel mod_security rules and WordPress 4.4.1. The rules are not new, only the WordPress update.

    I suspect WordPress will be posting another update soon.

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Redirect loop after update to WordPress 4.4.1 (wp-admin)’ is closed to new replies.