Opened 14 years ago
Closed 14 years ago
#14413 closed defect (bug) (invalid)
MOD_SECURITY BLOCK
Reported by: | mrgerbeck | Owned by: | |
---|---|---|---|
Milestone: | Priority: | normal | |
Severity: | normal | Version: | 3.0 |
Component: | General | Keywords: | close |
Focuses: | Cc: |
Description
Wordpress 3.0 Generates the following MOD_SECURITY2 error when attempting to use the "widgets" function:
[Sun Jul 25 03:21:23 2010] [error] [client 76.95.181.93] ModSecurity: Access denied with code 500 (phase 4). Pattern match "<b>Warning<
/b>.{0,100}?:.{0,1000}?
bon line
b" at RESPONSE_BODY. [file "/usr/local/etc/apache22/Includes/mod_security2/modsecurity_crs_50_outbound.conf"] [line "42"] [id "970009"] [msg "PHP Information Leakage"] [severity "WARNING"] [tag "LEAKAGE/ERRORS"] [hostname "[snip]"] [uri "/wp-admin/widgets.php"] [unique_id "[snip]"]
Change History (2)
Note: See
TracTickets for help on using
tickets.
Something is outputting a PHP warning on the page. Thats a pretty moronic Mod_security rule which would be better served with the production server running with appropriate PHP error_reporting value.
If you're running WP_DEBUG on that server, you'll need to disable it in order to view any pages which emit PHP Warnings.
Can you check your Logs to see if a PHP Warning is being logged? It might help pinpoint if it a WordPress generated warning, or the result of a plugin. (Actually, Disable plugins & switch to the default theme, see if that lets you view the page)