Hi,
I run a WordPress.org install on my sitch.org domain and I’m having a bear of a time with something that I think I’ve narrowed down to a mod_security block on an authentication call from a WordPress plugin to Facebook. Actually I think it’s Facebook’s response to the auth request.
This POST request gets 404'd:
98.207.217.237 will.sitch.org - [21/Jan/2013:16:54:05 -0800] "POST /wp-admin/options.php HTTP/1.1" 404 21301 "http://will.sitch.org/wp-admin/admin.ph ... n-settings" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:17.0) Gecko/20100101 Firefox/17.0"
I don't have access to the mod_security logs in /var/log/custweb, but I assume mod_security or probably mod_security2 is blocking this as a URL Encoding attack or something.
I don’t know how to fix this. I’ve added the following to my .htaccess to turn off the POST filtering engine, but I still get the 404s. I think we're probably using mod_security2 (or a version that doesn't allow configuration overrides).
<IfModule mod_security.c>
SecFilterScanPOST Off
</IfModule>
Anyone got any ideas? Can an admin have a peek at the mod_security settings and weblogs? I've been reading that for others with the same problem, whitelisting some rules can make this work.
Thanks,
Will