Support » Fixing WordPress » Security update and mod_security

  • Is there a particular mod_security rule needed to protect against the vulnerability in get_the_category_by_ID fixed in 1.5.1.2, or is it taken care of by a config option or just the mere presence of mod_security?

Viewing 3 replies - 1 through 3 (of 3 total)
  • skippy

    (@skippy)

    Member

    It is my understanding that out of the box, mod_security protects against SQL injections. The vulnerability in WordPress 1.5.1.1 was, in fact, a SQL injection vulnerability due to an un-cast integer variable.

    skippy

    (@skippy)

    Member

    Correction: out o fthe box, mod_security does nothing. You need a specific rule to protect against SQL injections. The following rule was suggested to me; but I have not tested it (I don’t use mod_security yet):
    [[[
    SecFilterEngine On
    SecFilterScanPOST On
    SecAuditLog /dev/null
    SecFilterDefaultAction "deny,log,status:402"

    SecFilter "delete[[:space:]]+from"
    SecFilter "insert[[:space:]]+into"
    SecFilter "select.+from"
    SecFilter "../"
    SecFilterSelective "REQUEST_METHOD" "SEARCH"
    ]]]

    After seeing this post I wanted to ask around for input on the effectiveness of these rules.

    Instead of trying to relay the information, you should see:

    http://www.gotroot.com/tiki-view_forum_thread.php?topics_offset=1&forumId=35&comments_parentId=586

    If you use mod_security or are planning to do so, you should consider updating the rulesets with those provided at GotRoot.com.

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Security update and mod_security’ is closed to new replies.