mod_security and WordPress
I just upgraded this blog to the latest version of WordPress, and I noticed that I wasn’t able to post. Got 403 Forbidden error message.
Checking mod_security’s log file, I saw these messages:
POST /wp-admin/post.php HTTP/1.1
mod_security-message: Access denied with code 403. Invalid cookie format: Cookie value is missing #1
mod_security-action: 403
After googling around, turned out it’s because of a setting in a mod_security.
Basically, you’ll need to replace SecFilterCheckCookieFormat to SecFilterNormalizeCookies in your mod_security config.
After doing this and restarting Apache, I can post again to WordPress.
Hope this helps somebody else with similar problem.
May 16th, 2006 09:28
I like your blog’s new look…:-) bravo.
May 18th, 2006 07:33
Thanks, I’ve a few ideas to make this blog more useful, and this is the first step. Hopefully I’ll be able to implement the changes faster.
August 14th, 2008 23:17
Yeah this blog seems really nice…the layout is great and lots of awesome information.
August 25th, 2008 21:18
That’s good news that you eventually got it sorted. I’m sure someone else will come across the same problem, this should help them a lot.
September 11th, 2008 20:06
Good writing, a pleasure to read
September 16th, 2008 22:48
Thanks! Very pleasant to read and a lot of information.
September 22nd, 2008 00:43
I had similar issues when I upgraded, but I think I’ve got them all sorted out now. First time I’ve had issues with an upgrade. Thanks for the help
October 31st, 2008 11:39
I ran into this exact same problem and was searching high and low. I thought I was going to have to go back to my previous version. Anyhow - your solution saved me a lot of hassle - thanks!
November 14th, 2008 14:10
I am glad I found this post… You saved me tonz of time and think your blog looks very professional!
November 16th, 2008 04:42
There’s a very amusing thread about this over at Scene.org’s flames forum - best quote “But it is kind of flattering for them to think that the demoscene coders now have found a way to pack 1 whole tv series episode into a ~30KB file
“.
November 23rd, 2008 10:54
hi ppl.. thanks for the trick.. i had the same problem…
Dino
November 28th, 2008 10:26
how if i don’t have mod_security access? can I edit it with .htaccess file?
November 28th, 2008 10:29
@djupi - I don’t think so, sorry. Do confirm it with your sysadmin to be sure.