1 min read

mod_security rules to prevent Wordpress 2.1.1 attack

[, simply update your httpd.conf with the following rules:

<IfModule mod_security.c> SecFilterEngine On SecFilterDefaultAction "deny,log,status:412"

`# RULES: Prevent Wordpress 2.1.1 attack


SecFilter “ix=” SecFilter “iz="`



And then restart Apache. Note that while this is an effective temporary workaround, upgrading is recommended. Also, any install other than 2.1.1 is not effected.