ModSecurity Preventing WordPress Save Function

Jan 8, 2020
13
1
3
New Hampshire, USA
cPanel Access Level
Root Administrator
Hi, I am having issues with ModSecurity and the save function on WordPress websites. When I Activate "Do Not Process the Rules" under "Rules Engine" then WordPress saves without a problem. Looking at other posts I didn't seem to find a resolution. I did see someone from cPanel ask a user "If you go WHM>>Security Center>>ModSecurity>>Vendors do you still have the Imunify vendor present?" In my case the answer is no. If you believe this is my issue please let me know how to install this. It looked fairly simple but I wanted to be sure this is ok to do before I researched it and just installed it not fully understanding what I was doing. TIA!
 
Jan 8, 2020
13
1
3
New Hampshire, USA
cPanel Access Level
Root Administrator
Thank you for the reply. There doesn't seem to any errors being recorded, the save function never seems to actually fail. The circle next to the save button just keeps spinning. The only two errors I see being recorded are these:

[Wed Mar 25 05:59:35.242661 2020] [authz_core:error] [pid 30333:tid 47319667623680] [client 74.124.211.139:55464] AH01630: client denied by server configuration: /home/nhwh468702/public_html/.user.ini, referer: https://domain.org/.user.ini

[Wed Mar 25 04:25:19.515028 2020] [access_compat:error] [pid 2610:tid 47319663421184] [client 45.79.163.69:45470] AH01797: client denied by server configuration: /home/nhwh468702/public_html/wp-includes/css/index.php

I recreated the problem just prior to sending this post but do not see any newer errors in the log.
 
Last edited by a moderator:

cPanelLauren

Forums Analyst II
Staff member
Nov 14, 2017
10,088
877
313
Houston
Ok, that's the default which is good but that also is interesting as any hits you get on ModSecurity rules (i.e., if it blocks access to something ) should be logged in the audit log as well as in the hits list. Are you using the default OWASP vendor as well? If so you may want to open a ticket so that we can look into the issue further and identify what rule is being matched that's blocking Wordpress from saving.


Thanks!