Today, I ran into a problem I didn’t expect. I was trying to save a menu on WordPress and got a ‘404 Page Not Found’ error. It’s a weird issue, isn’t it? If you’re dealing with this too, let’s figure out together how to fix it.
Problem:
You’re seeing a 404 error when you try to save a WordPress menu. The problem goes away if you turn off ModSecurity.
Why This Happens:
ModSecurity uses a set of rules to protect your website. Sometimes, these rules mistakenly block harmless actions (like saving your menu), which is what’s happening here.
ModSecurity is an open-source web application firewall (WAF) that protects websites from various types of attacks. It inspects incoming server traffic and applies rules designed to block common threats like SQL injections and cross-site scripting. Compatible with multiple web servers like Apache, Nginx, and IIS, it enhances security through real-time traffic monitoring and analysis.
How to Fix It:
Turning off ModSecurity can fix this, but it’s not recommended because it leaves your website unprotected. Here are safer solutions:
- Update your rules: If your ModSecurity rules are old, updating them might fix the issue.
- Switch ModSecurity to ‘Detection Only’ mode: This lets you see what ModSecurity would block without actually blocking it, so you can figure out what’s causing the problem.
- Allow certain actions: You can create a rule that allows saving a WordPress menu.
- Turn off the problem rule: If one rule is causing the problem, you can turn it off. Just be careful not to leave your site unprotected.
With these steps, you can solve the issue and keep your website safe and working smoothly.