Issues with Mail Poet 3 & mod_security (solved)

  • Resolved rafaelgrether

    (@rafaelgrether)


    3 years, 1 month ago

    Hello,

    There is an issue with Mail Poet 3 & mod security Apache module, due to a possible admin-ajax.php vulnerability.

    Please, do not disable mod_security!

    Change modsecurity/coreruleset/rules/REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf

    And add directive below:

    SecRule REQUEST_URI “@beginsWith /wp-admin/admin-ajax.php” \
    “id:1001, \
    allow, \
    ctl:ruleEngine=Off”

    It is a exclusion rule to avoid rulesets blocks.

  • The topic ‘Issues with Mail Poet 3 & mod_security (solved)’ is closed to new replies.