Support » Plugin: WordPress Download Manager » Can’t save settings

Viewing 5 replies - 1 through 5 (of 5 total)
  • Plugin Contributor W3 Eden, Inc.

    (@w3eden)

    Hi,
    It happens with some hosting ( ex: SiteGround ), please add following rules in the .htaccess file to fix the issue:

    
    <IfModule mod_security.c>
    SecFilterRemove 001868
    </IfModule>
    

    Or, please contact your hosting support.

    Thanks for the reply. I downgrade the PHP version of my server and everything went back to normal, if the problem continues i will post again.
    But first i will try your method

    Hello @smaragost,

    Ivan Atanasov from SiteGround here.

    The IfModule tag @w3eden offered in this thread is used to deactivate a mod_security rule with ID 001868. The way the code is written – if placed in the main .htaccess file of your website, it will deactivate the rule for your entire website.

    Instead, if you are facing an issue with mod_security, I recommend posting a Support Ticket. Our Technical Support team will reproduce the issue and check if a mod_security rule is actually causing it. However, judging from your last update, it was the PHP version.

    Either way, if a mod_security rule is being triggered by your website, our team will look for a more subtle way to deactivate the rule (for example, only for the file that cannot be executed because of the rule).

    I experienced this with siteground as the host. The above htaccess suggestion fixed the problem but then discovered that it breaks the security for the entire site. So I just used it for a few minutes to get the settings on wpdm to save then deleted the rule from the htaccess fiile. Not graceful but it works! Just remember to remove it immediately after getting the settings to update.

    • This reply was modified 1 month, 1 week ago by  Acal.

    @acal, exactly my point. Deactivating a mod_sec rule with the offered example here is not the desired method and it will harm the security of a given website. Better deactivate a rule for a single file (the file that is creating the problem) and then handle the configuration.

    And like you mentioned, if a given mod_sec rule is not interfering with the functionality after the setup – you can delete the related code from the .htaccess file.

    Thank you for sharing this here.

Viewing 5 replies - 1 through 5 (of 5 total)
  • You must be logged in to reply to this review.