I just got an Apache error trying to post to Wordpress … it wasn’t a huge post, but certainly long enough I didn’t want to type it all over again. I checked the server logs and saw mod_security trumpeting its “Generic SQL injection protection” … I’d included some SQL (well, GQL, but from Apache’s point of view, similar enough to cause problems) in the body of my post.
What to do?
Jump on SSH – add in a .htaccess file with the following instruction:
SecFilterEngine Off
.. then go back to the error from Wordpress / Apache and reload, reposting the form. Bingo.
Of course this is a dangerous setting – one that should be switched off again straight away – but it helps to be able to do this kind of realtime configuration hacking with Apache … good old .htaccess saved the day.
Recent Comments