Comments on: ModSecurity and Wordpress: Defense in Depth

By: eDDi Hughes

eDDi Hughes — Mon, 23 Nov 2009 21:14:06 +0000

Do you have any follow up in recent months? Thank you very much, I shall review!

By: BlogSecurity » Blog Archive » AskApache WordPress Hardening Plugin

BlogSecurity » Blog Archive » AskApache WordPress Hardening Plugin — Thu, 07 Aug 2008 21:51:33 +0000

[...] an interesting project to keep an eye on nonetheless. An alternative approach would be to utilise ModSecurity which is much more powerful then mod_rewrite and which can be applied at the web server layer. [...]

By: Ben Green

Ben Green — Sat, 12 Apr 2008 14:10:07 +0000

You say you’ve been testing them with WP 2.2.3..

Unfortunately in WP 2.5, in order to use the Media Gallery functionality, you have to use the directive:

SecFilterScanPOST Off

Have you got an updated version of this for WP 2.5?

BCG

By: ModSecurity and Wordpress | StuAnderson

ModSecurity and Wordpress | StuAnderson — Sun, 30 Mar 2008 16:21:48 +0000

[...] BlogSecurity » Blog Archive » ModSecurity and Wordpress: Defense in Depth 0 Comments So Far Tagged with: Aesthetics • Apache • Blog Archive • Defense In Depth • Focus • Malicious Attacks • Modsecurity • Personal Publishing • Security Functions • Security Professionals • State Of The Art • Usability • Vital Security • Web Application Security • Web Standards • Web Usability [...]

By: Hudecity.de » Blog Archiv » Rezept für scharf gewürztes Mod_Security mit Apache unter SuSE 10.2

Sun, 16 Mar 2008 00:09:20 +0000

[...] Ihr nun anfangen wollt, mit den regeln ein wenig zu spielen, schaut doch noch bei Blogsecurity vorbei. Hier gibt es z.B. einen feinen Regelsatz für Wordpress [...]

By: Daniel

Daniel — Fri, 07 Mar 2008 05:48:50 +0000

Dieter,

What a load of rubbish, ModSecurity v2 only works with Apache v2, and I know many serious webmasters (sites that handle 10 million plus hits a day) that still run on Apache 1.3x

Come one..

By: BlogSecurity » Blog Archive » WordPress Whitepaper and ModSecurity now available in Espanol

Thu, 06 Mar 2008 19:39:09 +0000

[...] of Samuel Aguilera we’re able to announce the instant availability of the Whitepaper and the ModSecurity Paper in Spanish. The translation is es_ES, but should be understandable as well for the other derivates [...]

By: DK

DK — Wed, 05 Mar 2008 13:27:12 +0000

dieter, ModSec v1 is still considered the stable version. ModSec v2 requires special compiling under a number of Linux distros.

Regardless, these rules should still work in v2.

By: dieter

dieter — Mon, 03 Mar 2008 14:55:46 +0000

Well, all i can say is that serious webmasters use modsecurity v2.x and not the v1.9 as used for the whitepaper.

By: Steveify | Securing Wordpress

Steveify | Securing Wordpress — Fri, 01 Feb 2008 12:29:56 +0000

[...] Read it on BlogSecurity. [...]