Comments on: WordPress & Apache mod_security: Part 01 http://www.pablumfication.co.uk/2010/02/05/wordpress-apache-mod_security-part-01/ Oversimplifying Wed, 19 Oct 2011 16:37:00 +0000 hourly 1 http://wordpress.org/?v=3.3.1 By: Aaron Dwyer http://www.pablumfication.co.uk/2010/02/05/wordpress-apache-mod_security-part-01/comment-page-1/#comment-443 Aaron Dwyer Mon, 03 Jan 2011 10:33:36 +0000 http://www.pablumfication.co.uk/?p=62#comment-443 Hi This helped me a lot. Because I'm on cPanel I moved the whitelist.conf which I had built for modsecurity2 which handles globally, into the cpanel vhosts template area (which is different depending on your apache build) cPanel builds the httpd.conf file up from external includes. So you have to use an external include .conf file put in the right place. Look in the httpd.conf file for exactly which directory to put it in. In the end this was my whitelist.conf file SecRuleRemoveById 300016 SecRuleRemoveById 300016 And now it's being run for just one user account that for some reason had trouble with modsecurity2. Aaron Hi This helped me a lot.

Because I’m on cPanel I moved the whitelist.conf which I had built for modsecurity2 which handles globally, into the cpanel vhosts template area (which is different depending on your apache build)

cPanel builds the httpd.conf file up from external includes. So you have to use an external include .conf file put in the right place. Look in the httpd.conf file for exactly which directory to put it in.

In the end this was my whitelist.conf file

SecRuleRemoveById 300016

SecRuleRemoveById 300016

And now it’s being run for just one user account that for some reason had trouble with modsecurity2.

Aaron

]]>