6 thoughts on “How To Fix WordPress and Mod Security 2 Leave a comment

  1. I am pleased to hear that you managed to fix the frustrating errors. WordPress has spat a few errors at me in the past, the most infuriating was the blank page after posting a new post. 😛

  2. Thanks dude, this pointed me to the right direction. In my case the standard(?) WordPress exclusion ruleset didn’t account for multisite installations, i.e. /wp-admin/network/ URIs.

  3. ModSecurity already maintains a WordPress rule exclusion list. Search in /etc/modsecurity/crs-setup.conf for rule 900130. Remove the # comment tags as follows…
    SecAction \
    “id:900130,\
    phase:1,\
    nolog,\
    pass,\
    t:none,\
    setvar:tx.crs_exclusions_wordpress=1”

    Save your edit to crs-setup.conf, then restart apache2…

    service apache2 restart

    Done!

  4. Thank you for explaining steps and main issue with solution.
    I am managing 20 WordPress sites and faced same issue. your post very helpful for me to solved my issue.
    Previously i was used temp solution. disabled the mod_security rule and update the site then enable the rule.

    Thanks again for superb solution

Leave a Reply to BenCancel Reply

Your email address will not be published. Required fields are marked *