Thread Starter
ndray
(@ndray)
I now know that mod_security2 is causing this problem. Disabling it is not a solution.
The module is blocking the POST:
Mon Sep 08 16:34:57 2008] [error] [client 213.22.159.193] ModSecurity: Access denied with code 400 (phase 2). Pattern match “\\\\%(?!$|\\\\W|[0-9a-fA-F]{2}|u[0-9a-fA-F]{4})” at ARGS:selection. [id “950107”] [msg “URL Encoding Abuse Attack Attempt”] [severity “WARNING”] [hostname “bugflux.org”] [uri “/wp-admin/options-permalink.php”] [unique_id “KVUMRH8AAAEAAGwKyAoAAAAI”]
I’d like to know if there’s any workaround or solution for this as my host is not willing to disable it, and this should not happen anyways, I believe…
I am having the same issue. I ve been trying to enable the xmlrpc posting option but everytime i click the save changes button the following error shows up:
Not Acceptable
An appropriate representation of the requested resource /blog/wp-admin/options.php could not be found on this server.
Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.
Can somebody please help me with this issue?
I’m having the same problem too.
When attempting to upload any images, or change any plugin parameters I get the following error:
Bad Request
Your browser sent a request that this server could not understand.
Client sent malformed Host header
After examining my logs I found the following entry:
[Sun Dec 21 18:20:40 2008] [error] [client 84.12.106.26] ModSecurity: Access denied with code 400 (phase 2). Pattern match “\\\\%(?!$|\\\\W|[0-9a-fA-F]{2}|u[0-9a-fA-F]{4})” at ARGS:aktt_digest_title. [id “950107”] [msg “URL Encoding Abuse Attack Attempt”] [severity “WARNING”] [hostname “ianmckendrick.com”] [uri “/wp-admin/options-general.php”] [unique_id “mYKe0H8AAAEAACegG2IAAAAB”]
Does anyone know how to overcome this please?
Thread Starter
ndray
(@ndray)
“I” did manage to solve the problem…
I left the CMS alone for a while then, a few days later, I came back and saw that there was a newer wordpress version… I upgraded my instalation and the problem was gone.
I don’t know if the solution was the upgrade or something happened in my server… I did talk to them about the issue, maybe they did something… Try to figure what’s going on with your host providers…
I’m getting a 500 after attempting to add a text widget. My host error log shows this:
ModSecurity: Access denied with code 500 (phase 2). Pattern match “<:space:*(script|about|applet|activex|chrome)*>.*(script|about|applet|activex|chrome):space:*>” at REQUEST_BODY. [file “/etc/httpd/conf.d/modsec.rules.conf”] [line “318”] [hostname “www.webmystery.net”] [uri “/bloomarts/wp-admin/widgets.php”] [unique_id “d0g@N0ggOZwAACvgM6YAAAAG”]
Maybe something to do with a DNS redirect??
I still get the same error after upgrading to 2.7
I would suspect my host of implementing some new security protocol, but I’ve got other WP sites on the same server that aren’t having this problem.
It is very discouraging to come on this forum looking for answeres and find posts describing real and serious problems that haven’t been answered for months. (sigh)
Your web host may be able to help you with this, but also see:
http://wordpress.org/search/mod_security?forums=1
webmystery, you may want to make a new post (as yours is a 500 error and this post is a 404). But.
Based on http://wordpress.org/support/topic/226052?replies=2 I think you need to add the following to .htaccess
<IfModule mod_security.c>
SecFilterEngine Off
</IfModule>
There’s a list of mod_security posts here: http://wordpress.org/tags/mod_security
Thanks, all
I’ve tried the .htaccess suggestion above, and some variations I found since in the other posts – no luck.
I’ll ask my allegedly wordpress friendly webhost if they have a suggestion. still really weird that this happens on only one of my wp sites with that host. I tried a clean install and a vanilla template with the same results.
I was getting a 404 error before I upgraded to 2.7, the only change is that it is now returning a 500 error
My host fixed it, and fast (laughingSquid.net)! ! Don’t even bother with the htaccess stuff if you have a responsive host.
“I’ve whitelisted the modsecurity rule catching this, please give it a try now and let me know if you’re still running into problems.”
