Hello,
ModSecurity ban user who use Wordpress admin editing, What is the list of rules to disable in ModSecurity?
Thanks
ModSecurity ban user who use Wordpress admin editing, What is the list of rules to disable in ModSecurity?
Thanks
Hey there! I'm not sure if there is a one-size-fits-all solution to this problem. Some people have run into issues with the auto-save feature as mentioned here:
but it could be any number of ModSecurity rules on the system causing a problem.
The safest solution would be to examine the ModSecurity logs and whitelist the rules that are being tripped on your specific machine:
You can also whitelist a certain IP address, such as the home IP of the site admin:
support.cpanel.net
ModSecurity exclude rules for editing posts and pages in WordPress - Mkyong.com
This article shows how to create ModSecurity exclude rules for editing posts and pages in WordPress, for Apache and Nginx.
mkyong.com
but it could be any number of ModSecurity rules on the system causing a problem.
The safest solution would be to examine the ModSecurity logs and whitelist the rules that are being tripped on your specific machine:
You can also whitelist a certain IP address, such as the home IP of the site admin:
How to whitelist an IP address in ModSecurity
Introduction Use the following steps to whitelist an IP in ModSecurity. Procedure Log in to SSH or Terminal as the root user. Open the following file in a text editor: /etc/apache2/conf.d/modsec...
I can provide you the list we use for our wordpress clients but I agree with cPRex that it is better to audit the logs.
Below is based on 3 months observations since 2023 on our new Cloudlinux server with 800 plugins spread between the accounts.
We have not had any new incidents for a few months now.
Below is based on 3 months observations since 2023 on our new Cloudlinux server with 800 plugins spread between the accounts.
We have not had any new incidents for a few months now.
942100, 942140, 942190, 941100, 941110, 941120, 941130, 941140, 941160, 941170, 941180, 941210, 921110, 921130, 980130, 930100, 930110, 920120
Last edited by a moderator:
I’ve same issue. I need to disable mod_security on whole server because client facing issue.
Some client facing post save issue.
Some client facing 404 error.
Some facing ajax error in plugins.
Which rules are creating issue. What should we have to do.
I’m using imunify360 & Cloudlinux. Is it safe to disable mod security on whole server?
Some client facing post save issue.
Some client facing 404 error.
Some facing ajax error in plugins.
Which rules are creating issue. What should we have to do.
I’m using imunify360 & Cloudlinux. Is it safe to disable mod security on whole server?
Good catch I have no idea why this one was disabled myself I am going to ask the team here because that is definately not meant to be off.
I will ask the moderators to remove the entry if possible from the post I made as I cant edit it myself anymore.
Thank you!
This is my whitelist:
300013
300015
300016
300017
942100
942140
942190
941100
941110
941120
941130
941140
941160
941170
941180
941210
921110
921130
980130
930100
930110
920120
949110
980130
Anyhting to add or to remove?
This is my whitelist:
300013
300015
300016
300017
942100
942140
942190
941100
941110
941120
941130
941140
941160
941170
941180
941210
921110
921130
980130
930100
930110
920120
949110
980130
Anyhting to add or to remove?
As I mentioned earlier in this thread, if you disable rule 949110 you pretty much disable ModSecurity
https://twitter.com/MikeGoatly/status/1493922217662558211
https://twitter.com/MikeGoatly/status/1493922217662558211
| Thread starter | Similar threads | Forum | Replies | Date |
|---|---|---|---|---|
|
Disable ModSecurity on default vhost | Security | 3 | |
| F | cxs ModSecurity Scanning (disabled) | Security | 2 | |
|
SOLVED How to disable modsecurity for an domain WHM | Security | 2 | |
| A | How to disable Cpanel-ModSecurity on in 11.46 in WHM | Security | 3 | |
| U | modsecurity option disabled from whm | Security | 4 |