Comments on: Wordpress version 2.6 & ModSecurity http://www.inliniac.net/blog/2008/07/16/wordpress-version-26-modsecurity.html Everything inline. Tue, 06 Jan 2009 09:08:07 +0000 http://wordpress.org/?v=2.7 hourly 1 By: Victor Julien http://www.inliniac.net/blog/2008/07/16/wordpress-version-26-modsecurity.html/comment-page-1#comment-12218 Victor Julien Mon, 08 Dec 2008 16:28:30 +0000 http://www.inliniac.net/blog/?p=127#comment-12218 I don't know what those errors mean, sorry. You should probably ask the ModSecurity authors. I don’t know what those errors mean, sorry. You should probably ask the ModSecurity authors.

]]> By: Meade http://www.inliniac.net/blog/2008/07/16/wordpress-version-26-modsecurity.html/comment-page-1#comment-12199 Meade Sat, 06 Dec 2008 21:16:34 +0000 http://www.inliniac.net/blog/?p=127#comment-12199 This is what I'm using. SecRule REQUEST_FILENAME “/wp-login.php” “chain,msg:’WORDPRESS wp-login.php redirect_to credentials stealing attempt’,severity:2,t:normalisePath” SecRule ARGS:/^\s*redirect_to$/ “^(?:ht|f)tps?\://(.*)$” “chain,capture” SecRule TX:1 “!@beginsWith %{SERVER_NAME}” When I use the first secrule, I get "SecRule takes two or three arguments, rule target, operator and optional action list" The 2nd gives me "Error parsing actions: Unknown action: \xe2\x80\x9cchain" And the 3rd gives me "Error parsing actions: Unknown action: %{SERVER_NAME}\xe2\x80\x9d" Not sure where the error is, but this is driving me mad. Any ideas? This is what I’m using.

SecRule REQUEST_FILENAME “/wp-login.php” “chain,msg:’WORDPRESS wp-login.php redirect_to credentials stealing attempt’,severity:2,t:normalisePath”

SecRule ARGS:/^\s*redirect_to$/ “^(?:ht|f)tps?\://(.*)$” “chain,capture”

SecRule TX:1 “!@beginsWith %{SERVER_NAME}”

When I use the first secrule, I get “SecRule takes two or three arguments, rule target, operator and optional action list”

The 2nd gives me “Error parsing actions: Unknown action: \xe2\x80\x9cchain”

And the 3rd gives me “Error parsing actions: Unknown action: %{SERVER_NAME}\xe2\x80\x9d”

Not sure where the error is, but this is driving me mad. Any ideas?

]]> By: Victor Julien http://www.inliniac.net/blog/2008/07/16/wordpress-version-26-modsecurity.html/comment-page-1#comment-12183 Victor Julien Thu, 04 Dec 2008 07:50:19 +0000 http://www.inliniac.net/blog/?p=127#comment-12183 Please carefully check the use of quotes. I noticed before that when I copy/paste from this blog the quotes are sometimes messed up. Please carefully check the use of quotes. I noticed before that when I copy/paste from this blog the quotes are sometimes messed up.

]]> By: Meade http://www.inliniac.net/blog/2008/07/16/wordpress-version-26-modsecurity.html/comment-page-1#comment-12179 Meade Wed, 03 Dec 2008 17:57:44 +0000 http://www.inliniac.net/blog/?p=127#comment-12179 I'm using ModSecurity 2.5.7 and Wordpress 2.6.5, but when I try to implement this rule apache/modsecurity won't start with this message "SecRule takes two or three arguments, rule target, operator and optional action list" Is this just a syntax error with me using the latest modsecurity? I’m using ModSecurity 2.5.7 and Wordpress 2.6.5, but when I try to implement this rule apache/modsecurity won’t start with this message “SecRule takes two or three arguments, rule target, operator and optional action list”

Is this just a syntax error with me using the latest modsecurity?

]]>