BuddyPress Login Error
Today, with nothing changing or updating on our site the buddy press login window started conflicting with mod security by making the system thinking its attacking the server.
Here is the log file:[Thu Jul 06 21:33:11.121851 2017] [:error] [pid 154425:tid 140301400565504] [client 220.127.116.11] ModSecurity: Access denied with code 406 (phase 2). Operator GE matched 1 at TX:brute. [file “/etc/apache2/conf.d/imh-modsec/40_wordpress.conf”] [line “27”] [id “13052”] [msg “POST to wp-login.php without redirect_to”] [severity “WARNING”] [tag “WEB_ATTACK/SHELL ACCESS”] [hostname “imaginationfoundry.com”] [uri “/wp-login.php”] [unique_id “WV7k15TLd2QCsB7B20pwjQAABwM”]
My host is not able to help me, Inmotionhosting.com.
Any ideas as now no one is able to login where they know to login. You can log into the system just fine at the wp url of php-login.php etc. so its the buddypress login window.
- You must be logged in to reply to this topic.