mod_security and WordPress
I just upgraded this blog to the latest version of WordPress, and I noticed that I wasn’t able to post. Got 403 Forbidden error message.
Checking mod_security’s log file, I saw these messages:
POST /wp-admin/post.php HTTP/1.1
mod_security-message: Access denied with code 403. Invalid cookie format: Cookie value is missing #1
mod_security-action: 403
After googling around, turned out it’s because of a setting in a mod_security.
Basically, you’ll need to replace SecFilterCheckCookieFormat to SecFilterNormalizeCookies in your mod_security config.
After doing this and restarting Apache, I can post again to WordPress.
Hope this helps somebody else with similar problem.
May 16th, 2006 09:28
I like your blog’s new look…:-) bravo.
May 18th, 2006 07:33
Thanks, I’ve a few ideas to make this blog more useful, and this is the first step. Hopefully I’ll be able to implement the changes faster.
August 14th, 2008 23:17
Yeah this blog seems really nice…the layout is great and lots of awesome information.
August 25th, 2008 21:18
That’s good news that you eventually got it sorted. I’m sure someone else will come across the same problem, this should help them a lot.
September 11th, 2008 20:06
Good writing, a pleasure to read
September 16th, 2008 22:48
Thanks! Very pleasant to read and a lot of information.
September 22nd, 2008 00:43
I had similar issues when I upgraded, but I think I’ve got them all sorted out now. First time I’ve had issues with an upgrade. Thanks for the help