modsec on shared server
I'm running 4.1.12. I've noticed modsec is working on most accounts on our shared server, but not on some of them. It's very odd...
I'm throwing this out there, but I noticed it works on all WordPress sites that have a working .htaccess file.
It doesn't seem to be working on standard html sites. However it does work properly when I switch to apache
My method for testing this is by running:
If the above gives 404 modsec is not working
If it gives a 403 then it is working, and I have verified this by watching the error_log which displays the activated modsec rule
I have actually verified this.
I added an empty index.php file to an account that was not working. (this account has basic html files).
I also added an .htaccess file containing the basic wordpress .htaccess file of :
As soon as I remove the .htaccess file or index.php file, it stops working and displays a 404 instead.
Again, this is tested by looking to see if a 404 or 403 error appears on this URL: http://domain.com/foo.php?foo=http://www.example.com
|All times are GMT -7. The time now is 06:27 AM.|