Skip to:
Content
Pages
Categories
Search
Top
Bottom

BuddyPress Login Error


  • imthinking
    Participant

    @imthinking

    Today, with nothing changing or updating on our site the buddy press login window started conflicting with mod security by making the system thinking its attacking the server.

    Here is the log file:[Thu Jul 06 21:33:11.121851 2017] [:error] [pid 154425:tid 140301400565504] [client 68.109.14.158] ModSecurity: Access denied with code 406 (phase 2). Operator GE matched 1 at TX:brute. [file “/etc/apache2/conf.d/imh-modsec/40_wordpress.conf”] [line “27”] [id “13052”] [msg “POST to wp-login.php without redirect_to”] [severity “WARNING”] [tag “WEB_ATTACK/SHELL ACCESS”] [hostname “imaginationfoundry.com”] [uri “/wp-login.php”] [unique_id “WV7k15TLd2QCsB7B20pwjQAABwM”]

    My host is not able to help me, Inmotionhosting.com.

    Any ideas as now no one is able to login where they know to login. You can log into the system just fine at the wp url of php-login.php etc. so its the buddypress login window.

    ??? Thanks.

Viewing 2 replies - 1 through 2 (of 2 total)

  • imthinking
    Participant

    @imthinking

    UPDATE INFO:

    Here is what Inmotion said:, Reviewing the provided error I am seeing that the function is being blocked by Mod Security due to “POST to wp-login.php without redirect_to”

    Did the popup login form from menu header change? I’ve never paid attention to it because it just worked as required 🙂 However, no one can login the way they have been used to logging in to the system.

    Any help in understanding this form and how I might resolve this issue is greatly appreciated.


    imthinking
    Participant

    @imthinking

    I resolved by enabling AJAX registration but not the solution I was looking for.

Viewing 2 replies - 1 through 2 (of 2 total)
  • You must be logged in to reply to this topic.
Skip to toolbar