Last week Peter David signed an exclusive deal with Marvel Comics. *This was originally posted at, but I moved it over here after turning that site into a photo blog. So, the moral of the story is: If you use Flock, and you can’t get it to tie into your self/third-party-hosted WordPress blog… check the ModSecurity settings.
SecFilterSelective HTTP_Content-Type "!(^application/x-www-form-urlencoded$|^multipart/form-data |^text/xml$)" SecFilterSelective REQUEST_METHOD "!^(GET|HEAD)$" chain
I’ll have to decide whether it’s worth keeping XMLRPC enabled, or whether I’m better off restoring the original rule. A quick check of the audit logs, and there it was.įor now, I’ve loosened the content-type requirement slightly. I found the 403 error in the server logs, checked the error log for detail, and saw the mod_security reference. This time, with a newer version of Flock, I decided to investigate. I just figured it was a problem with my version of WordPress and left it at that. So by the time I tried setting up Flock, it didn’t occur to me to check the mod_security log. Part of the sample filter-one that I kept because it seemed a reasonable precaution-was to block POST requests with content types other than application/x-There weren’t any problems reported, and none of the false positives I saw in the logs were related to the request content-type. It turned out to be a setting in mod_security, an Apache module designed to limit attacks on web applications. Flock hid the error and just told me something went wrong setting up the account.) The site is running on a stand-alone WordPress install, and I kept getting 403 Forbidden errors. I reinstalled Flock today and figured out what was preventing it from talking to my self-hosted blog, K-Squared Ramblings.
0 kommentar(er)
