Not sure if this is a bug, but after enabling one of the ModSec Rule Package. I am not able to load the mentioned issue in the title. Is anyone having the same issue? The issue goes away if I turned off ModSecurity.conf from comodo rules pack. No console error from the wp-admin…
Just in case anyone else runs into an issue of not being able to upload to WordPress. This is a problem with a specific modsecurity rule in modsecurity.conf. Rather than disable the entire pack, you can just comment out the single rule and leave the others in place.
This file can be edited here:
sudo vi /usr/local/lsws/conf/modsec/owasp/modsecurity.conf
Comment out the rule: #SecRule MULTIPART_UNMATCHED_BOUNDARY “!@eq 0” \
#“id:‘200004’,phase:2,t:none,log,deny,msg:‘Multipart parser detected a possible unmatched boundary.’”
So under Security → ModSecurity Rules, adding comma separated “SecRuleRemoveById” entries actually works, however, I had to delete the default entry that was there for this to work. Not sure if there’s a bug.
I have to run only comodo, using OWASP, was having a lot of issues with things not working in WordPress, with nothing getting logged.
im not able to get past the admin-login page on wordpress with modsecurity enabled, and i have a similar situation with ghost docker container where im not able to upload/change content without disabling modsecurity , what am i doing wrong?
I found out by putting SecRuleRemoveById in /usr/local/lsws/conf/httpd_config.conf before the and it worked so when I included the file /usr/local/lsws/conf/modsec/rules.conf within the my rules then began to work.