GithubHelp home page GithubHelp logo

wprobot / fix-403-permission-denied-wordpress-mod-security Goto Github PK

View Code? Open in Web Editor NEW

This project forked from aprwebdesign/fix-403-permission-denied-wordpress-mod-security

0.0 1.0 0.0 8 KB

fix 403 permission denied wordpress mod security

fix-403-permission-denied-wordpress-mod-security's Introduction

fix-403-permission-denied-wordpress-mod-security

fix 403 permission denied wordpress mod security

#Usage

Insert in apache2.conf

inside virtual host -> between and

like:

<VirtualHost 12.11.11.11:8080>

    ServerName domain.com
    ServerAlias www.domain.com
    ServerAdmin [email protected]
    DocumentRoot /home/admin/web/domain.com/public_html
    ScriptAlias /cgi-bin/ /home/admin/web/domain.com/cgi-bin/
    Alias /vstats/ /home/admin/web/domain.com/stats/
    Alias /error/ /home/admin/web/domain.com/document_errors/
    #SuexecUserGroup admin admin
    CustomLog /var/log/apache2/domains/domain.com.bytes bytes
    CustomLog /var/log/apache2/domains/domain.com.log combined
    ErrorLog /var/log/apache2/domains/domain.com.error.log
    <Directory /home/admin/web/domain.com/public_html>
        AllowOverride All
        Options +Includes -Indexes +ExecCGI
        php_admin_value open_basedir /home/admin/web/domain.com/public_html:/home/admin/tmp
        php_admin_value upload_tmp_dir /home/admin/tmp
        php_admin_value session.save_path /home/admin/tmp
    </Directory>
    <Directory /home/admin/web/domain.com/stats>
        AllowOverride All
    </Directory>
    
<LocationMatch "/>
SecRuleRemoveById 910006 # Google robot activity - Useful in someways but noisy for sites where you want them crawled
SecRuleRemoveById 960015 # Request Missing an Accept Header -  Allow for Google Reader
</LocationMatch>

<LocationMatch "/wp-includes/">
SecRuleRemoveById 960010 # Request content type is not allowed by policy - Allows for amongst other things spell check to work on admin area
SecRuleRemoveById 960012 # Require Content-Length to be provided with every POST request - Same as above
</LocationMatch> 

<LocationMatch "(/wp-admin/|/wp-login.php)">    
SecRuleRemoveById 950005 # Remote File Access Attempt - This rule probably doesn't need to be disabled by everyone but it stops me putting /etc/ in posts and other such linux paths.
SecRuleRemoveById 950117 # Remote File Inclusion Attack - Disable to allow http:// to be passed in args
</LocationMatch>

<LocationMatch "(/wp-admin/post.php|/wp-admin/options.php|/wp-admin/theme-editor.php|/wp-includes/)">
SecRuleRemoveById 950006 # System Command Injection - Another rule that probably doesn't need to be disabled by everyone it stops .exe and various other extensions being passed in args.
</LocationMatch>
   
</VirtualHost>

Goodluck

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.