webbadger

Tried that… thanks tho!

I have just installed a fresh install in another directory…

Still not working.. its gotta be the server set up!

Thanks Esmi,

I have just recived this response from Storm Internet. They say it is a wordpress issue.

mod_security is an integral part of server security.
WP is a open source, third party and free application and as such preferred by lots of users. Basically because of its flexibility, attractive themes, plugins, modules, it become popular as if you install a default WP, it shows only plain text. There are several other popular CMS applications too available.

Mod Security is a Apache module. Modsec monitors all incoming HTTP requests for malicious behavior, and does not complete requests that meet certain criteria. These criteria are spelled out in what are called “rules” or “rulesets”.
WP found to be vulnerable all the time because of its themes, plugins, modules etc. and this is not what we are saying but this is what you will find most of the users complaining on WP forum itself. You will also find that for most of the critical issues post on WP forum, no proper resolution has provided for them.
The default installation of WP is always secure and should not create such issues as it do not contain any customization, plugins, modules, themes etc.

Because of these known vulnerabilities, modsec always trigger if there is any malicious behavior noticed from web site and it blocks the user IP immediately to avoid any major issues that may happen with it.
This is a security measure and not a problem on server.
Unfortunately, there are some instances where legitimate requests are stopped as well due to the rules set but this can be avoided by disabling modsec for that specific site.
When modsec is triggered by a piece of code that performs a legitimate function of your site, it is best to have that code rewritten so as not to trigger modsec. Each of modsec’s rules catch attacks, so if modsec is treating your site code like an attack, the problem is almost always with what the site code is doing.

When the site is not developed with your own code, and when it is a third party application then you may have to turning off the specific modsec rule that the site triggers.

We have thousands of WP web sites on our Windows as well as Linux server and successfully running those sites from last couple of years.
Also its very rare someone contact us regarding their IP being blocked by accessing WP sites which shows its not so common with our users.
If you are facing this problem frequently then its your WP site scripts which are making modsec to trigger as those are found to be suspicious in nature. These are all standard rules of modsec and not each custom so if you face any such issue with your web site then you can inform us to disable modsec for it and we can get this for you.
But it is not something that we can make changes on server security just because any specific WP site blocking the users.

We advertise about WP at :
http://www.storminternet.co.uk/hosting_wordpress.asp

because we successfully host thousands of WP sites on our servers.
If its just you who is facing issues with WP sites, it does not mean that we are unable to handle wordpress.

Should you require any further information or if we can be of assistance with anything else please do not hesitate to get in touch.

Kind regards,

Storm Internet Ltd | Senior Support Engineer

Still cant find a solution? Any one seen this before?

Hi,

Hopefully someone can help.. im stummped!

I cant make this site update the .httacess to allow permalinks.

It just shows Error404’s

If I then reset to default, it just an empty file with comments eg:

# BEGIN WordPress

# END WordPress

I have tried uploading # BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress

Its in root directory

I have tried changing permissions

I have re installed WP

Any helpfill be appreciated

http://www.blossomclothingcornwall.com/

Found this:

http://brutegorilla.com/wordpress-default-themes-may-be-vulnerable-to-hacking/#axzz2Ut9hXw2H

BruteGorilla March 23, 2013
WordPress Default themes may be vulnerable to hacking
continued after advt

If you are using or not using WordPress default themes, you could end up being hacked. I was checking into a worddefence security plugin (Click to get one) alert and found this:

* Modified theme file: wp-content/themes/twentyeleven/languages/twentyeleven.pot
* Modified theme file: wp-content/themes/twentytwelve/languages/twentytwelve.pot

This is not the first time, I am getting it.

If you are concerned, first try blocking:

Nigeria, 197.242.108.216
AS37340 Spectranet
Client:
Win7 (1366x768x24)
Firefox 19.0 (JavaScript: 1.8, Cookie: Yes, Java: No)

It might help.

Read more: http://brutegorilla.com/wordpress-default-themes-may-be-vulnerable-to-hacking/#ixzz2Ut9pS7dw
Frontier India – news, Analysis, Opinion
Follow us: @frontierindia on Twitter | frontierindia on Facebook

They are editing the user table in mysql. Not sure if anything else yet

Seen an infected file The file /public_html/wp//wp-content/themes/twentyeleven/languages/twentyeleven.pot

I restored it back to orginal

I found these usefull plugins:

http://wordpress.org/plugins/wordfence/
http://wordpress.org/plugins/limit-login-attempts/

So you thing I have been hacked then? Not a bug?

Same.. i didnt think my images were that big. And my server is ok.