Thread Starter
Ripz
(@ripz)
Surely someone can shine some light on my problem??
Please.
I’ve been getting the same problem. I’m astounded that no-one has been able to answer this categorically on the forum. It seems like a really common problem, and it’s not like ay of the people posting it have been newbies: we all know to check the file permissions etc.
Completely stumped; think I’ll go back to using blogger.
Grasshopper, your search-fu is weak.
At first blush, one might theorize this is related to your host and mod_security.
Here’s one approach, courtesy of Whooami:
IF YOU DO NOT HAVE an .htaccess in your wp-admin/ directory:
create a text file on your desktop:
put the following inside it:
<IfModule mod_security.c>
SecFilterInheritance Off
</IfModule>
save the file.
Upload the file to your wp-admin directory.
Rename the uploaded file to .htaccess (with the .)
IF YOU DO HAVE an .htaccess in your wp-admin/ directory:
Edit it and add:
<IfModule mod_security.c>
SecFilterInheritance Off
</IfModule>
HandySolo, your .htaccess feng shui is good: it appears to have healed my woes.
So this directive stops the .htaccess directory inheriting the default mod_security settings. Surely this is always an issue for servers running mod_security? Is there a reason the WP installation doesn’t include a .htaccess file with that directive by default?
Anyway, thanks very much.
HandySolo, your .htaccess feng shui is good: it appears to have healed my woes.
the feng shui is mine.
So this directive stops the .htaccess directory inheriting the default mod_security settings.
Yes.
Surely this is always an issue for servers running mod_security?
Surely, it is not. I have 2 blogs on two diff. servers. Both have mod_security compiled into Apache, and neither has this problem. Hosts configure mod_security differently.
Is there a reason the WP installation doesn’t include a .htaccess file with that directive by default?
See above. Beyond that, its not WordPress’ job to override something like that. And frankly, I would pitch a Digg-sized fit if the developers ever thought to do such a thing.
Additionally, one doesnt have to disable mod_security to ‘fix’ that — you only need to know how to rewrite the mod_security rule thats causing the problem. Its just simpler to tell people to disable it.
