404 Error When Adding or Updating a WordPress Post

I stumbled across this problem when I recently switched hosts. At first I thought it was related to my latest WordPress upgrade but after further investigation I found it was related to ModSecurity. ModSecurity provides request filtering and other security features to the Apache HTTP Server. Basically when you add a new post, or edit an existing post, the request is filtered through a list of checks to look for possible security problems like intrusion attacks.

In my case the post was triggering a SQL Injection attack warning so Mod Security was 404 redirecting the request. Mod Security was concerned because my post contained the word “select” followed by the word “from”. It did not seem to care that these words were 2 paragraphs apart?

How to Fix This Problem?

I am sure that there are many ways to fix this problem. ModSecurity is installed for a reason, and does offer some benefits so anything you can do to selectively fix problems you are having with ModSecurity is better than completely deactivating it. In my case I was able to see that the filter triggering the problem had an ID of 300016. I was able to tell ModSecurity to “skip/remove” this filter by adding the following to the virtual host block in my apache configuration file:

<Location "/wp-admin/" >
SecRuleRemoveById 300016
</Location>

Notice that I only removed this rule from requests in the /wp-admin/ directory. In theory ModSecurity should still utilize this rule to detect SQL Injection attacks in other directories. If you don’t have access to http.conf you can also use .htaccess directives to control ModSecurity from within .htaccess files. It’s probably best to contact your host to see if they are using ModSecurity and to see what they suggest.

Leave a Reply

Your email address will not be published. Required fields are marked *

*

*