Update V80.0.22 Broke Wordpress Admin logins?

dru5412

Member
Feb 3, 2018
12
0
1
UK
cPanel Access Level
Root Administrator
I have 4 servers running WHM/CPANEL

2 running 80.0.20 (manual updates) All working fine.

2 auto updated to 80.0.22

The issue is that since this update NO Wordpress sites can access /wp-admin

It's hitting the wp-login.php redirect loop and timing out.

Have tried the usual, clearing cookies, renaming .htaccess


This is affecting ALL Wordpress sites on the server, so cant see it being a theme or plug in on one particular wordpress install....

Have an emergency ticket raised with support but if anyone has any ideas, would welcome them.

Thanks
 

dru5412

Member
Feb 3, 2018
12
0
1
UK
cPanel Access Level
Root Administrator
I have checked the error log files both on apache and in the users folders, there are no entries that show any error relating to WP-LOGIN.PHP redirecting.
 

dru5412

Member
Feb 3, 2018
12
0
1
UK
cPanel Access Level
Root Administrator
Cause found and temp rectified.

Mod_Security rule was triggering.

Disabling 33302 & 33303, whilst not ideal at least means all my customers can access wordpress again...

Will now try to resolve the issue with Mod_Security Vendor.

But it seems the version of CPANEL IS NOT TO BLAME..


Rule ID: 33302

Name: Bruteforce RBL block


Raw Rule:

# Bruteforce RBL persistent storage check SecRule REQUEST_URI "/wp-login\.php|/xmlrpc\.php" "id:33302,chain,phase:2,t:none,deny,nolog,auditlog,msg:'Bruteforce RBL block||T:APACHE||MV:%{MATCHED_VAR}',tag:'i360'"

SecRule IP:rbl_brute "@eq 1"
 

cPanelMichael

Technical Support Community Manager
Staff member
Apr 11, 2011
47,749
2,206
363
cPanel Access Level
DataCenter Provider
Twitter
Hello @dru5412,

I'd like to see if I can reproduce this issue internally. To confirm, were you using a custom Mod_Security ruleset on this server or on this account? Or, were you using the default rules from a vendor such as OWASP or Immunify360?

Thank you.