From: Brian Rectanus <Brian.R<ectanus@br...> - 2008-12-16 20:54:50
Shekhar Shinde wrote:
> Hello Brian,
> I have wordpress installed on my domain and when I try to edit a post
> from admin area modsecurity denies the action with the below logs:
> [Sun Dec 14 15:54:59 2008] [error] [client 184.108.40.206] ModSecurity: Access
> denied with code 406 (phase 2). Pattern match "\\.php\\?" at
> REQUEST_URI. [file "/usr/local/apache/conf/modsec2.user.conf"] [line
> "21"] [id "9502002"] [msg "PHP inclusion attack"] [severity "WARNING"]
> [hostname "domainname.com"] [uri "/blog/wp-admin/post.php"] [unique_id
> How can I allow the admin to post using /blog/wp-admin/post.php from a
> specific IP 220.127.116.11 ?
You need to read the FAQ on the ModSecurity.org site as it contains an
answer to your question. Please read the docs and search the list
archives before asking questions (many have been answered before).
Also, please avoid email directly to me or other community members in
the future. Use the list, which is intended for this purpose, generally
will give you a better response as more people will see the request and
will be archived so others can search for similar questions and answers.