Not sure if this is a bug, but after enabling one of the ModSec Rule Package. I am not able to load the mentioned issue in the title. Is anyone having the same issue? The issue goes away if I turned off ModSecurity.conf from comodo rules pack. No console error from the wp-admin…
Just in case anyone else runs into an issue of not being able to upload to WordPress. This is a problem with a specific modsecurity rule in modsecurity.conf. Rather than disable the entire pack, you can just comment out the single rule and leave the others in place.
This file can be edited here:
sudo vi /usr/local/lsws/conf/modsec/owasp/modsecurity.conf
Comment out the rule: #SecRule MULTIPART_UNMATCHED_BOUNDARY “!@eq 0” \
#“id:‘200004’,phase:2,t:none,log,deny,msg:‘Multipart parser detected a possible unmatched boundary.’”
Realizing that may not be the best way to disable an individual rule. I am not finding where to add “SecRuleRemoveById XXXXXX” to anything. It’s not working to add it to the rules.conf.
So under Security → ModSecurity Rules, adding comma separated “SecRuleRemoveById” entries actually works, however, I had to delete the default entry that was there for this to work. Not sure if there’s a bug.
I have to run only comodo, using OWASP, was having a lot of issues with things not working in WordPress, with nothing getting logged.
You might also want to run an upgrade as well, as we recently made some fixes to ModSecurity. But for the rules thing, it is very complex and recommended to only enable one rule-pack at a time.
If you are not very expert, it is not recommended to play with rules, however, disabling/enabling certain file is OK.
im not able to get past the admin-login page on wordpress with modsecurity enabled, and i have a similar situation with ghost docker container where im not able to upload/change content without disabling modsecurity , what am i doing wrong?
I found out by putting SecRuleRemoveById in /usr/local/lsws/conf/httpd_config.conf before the and it worked so when I included the file /usr/local/lsws/conf/modsec/rules.conf within the my rules then began to work.