I tried to make a post relating to server security and it included some strings that directly relate to security issues. These obviously triggered some mod_security rules but were actually benign. I have put this in temporarily while I complete the posts on mod_security issues with wordpress.
<LocationMatch “/wp-admin/post.php”>
SecRuleRemoveById 950006
</LocationMatch>
Rule 950006 is a very powerful rule and I won’t be leaving it disabled for long. With all this messing about I am now considering writing a specific ruleset for WordPress or maybe a control panel that allows me to edit them on the fly…
Leave a Reply