What is mod_security?

ModSecurity supplies an array of request filtering and other security features to the Apache HTTP Server, IIS and NGINX.

Mod_security is an apache module that helps to protect your website from various attacks. The whole idea behind Mod Security is that it has a series of rules that are applied when certain functions are required to happen on your website.

When certain functions are performed mod_security will run through it’s rules and make sure that nothing bad is going to happen to your website. Some functions required by Wordpress that may be affected are updating or adding Posts, Pages and uploading images and saving images.

This is great in theory but it relies on the fact that you don’t do certain things, and these are things that some dynamic systems need to do.

However, these rules can be disabled on a per script basis, and this formed the grounding for my fix. The way to fix the issue was to disable certain rules for certain scripts on the site, thus allowing the desired behaviors to occur.