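ModSecurity issue: WordPress site loading issue

Time: 2015-08-04 07:05:18

Tags: wordpress .htaccess caching mod-security

This is my first question, so please bear with me.

I have been facing a mod security issue on one of our websites for the past few days. I had just completed the site, and a few hours later I got the mod sec issue and our site was blocked. I reinstalled the site the next day, but a day later we ran into the same problem.

We are using .htaccess on a Linux server.

After searching a bit, I put the code below in the .htaccess file in the root folder to disable modsec:

    <IfModule mod_security.c>
      SecFilterEngine Off
      SecFilterScanPOST Off
    </IfModule>
    <files wp-config.php>
    order allow,deny
    deny from all
    </files>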

    [Sat Aug 01 10:18:34 2015] [error] [client 123.252.231.21] ModSecurity: Access denied with code 406 (phase 2). Pattern match "(?i:(\\\\!\\\\=|\\\\&\\\\&|\\\\|\\\\||>>|<<|>=|<=|<>|<=>|xor|rlike|regexp|isnull)|(?:not\\\\s+between\\\\s+0\\\\s+and)|(?:is\\\\s+null)|(like\\\\s+null)|(?:(?:^|\\\\W)in[+\\\\s]*\\\\([\\\\s\\\\d\\"]+[^()]*\\\\))|(?:xor|<>|rlike(?:\\\\s+binary)?)|(?:regexp\\\\s+binary))" at REQUEST_COOKIES:__tawkuuid. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "6184"] [id "981319"] [rev "2"] [msg "SQL Injection Attack: SQL Operator Detected"] [data "Matched Data: || found within REQUEST_COOKIES:__tawkuuid: e||mysite.com||fuHs7JDWgpPKJJWn3rIyohyr0p8fOH3ndnb9yO76kA73fogyMMX9DBW6YZ2vsCFj||2"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "8"] [tag "OWASP_CRS/WEB_ATTACK/SQL_INJECTION"] [tag "WASCTC/WASC-19"] [tag "OWASP_TOP_10/A1"] [tag "OWASP_AppSensor/CIE1"] [tag "PCI/6.5.2"] [hostname "mysite.com"] [uri "/wp-content/themes/landx/images/favicon.ico"] [unique_id "VbxPoWf3YKwAAKm1VsYAAAAT"]
    [Sat Aug 01 10:35:23 2015] [error] [client 123.252.231.21] ModSecurity: Access denied with code 406 (phase 2). Pattern match "(?i:(\\\\!\\\\=|\\\\&\\\\&|\\\\|\\\\||>>|<<|>=|<=|<>|<=>|xor|rlike|regexp|isnull)|(?:not\\\\s+between\\\\s+0\\\\s+and)|(?:is\\\\s+null)|(like\\\\s+null)|(?:(?:^|\\\\W)in[+\\\\s]*\\\\([\\\\s\\\\d\\"]+[^()]*\\\\))|(?:xor|<>|rlike(?:\\\\s+binary)?)|(?:regexp\\\\s+binary))" at REQUEST_COOKIES:__tawkuuid. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "6184"] [id "981319"] [rev "2"] [msg "SQL Injection Attack: SQL Operator Detected"] [data "Matched Data: || found within REQUEST_COOKIES:__tawkuuid: e||mysite.com||fuHs7JDWgpPKJJWn3rIyohyr0p8fOH3ndnb9yO76kA73fogyMMX9DBW6YZ2vsCFj||2"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "8"] [tag "OWASP_CRS/WEB_ATTACK/SQL_INJECTION"] [tag "WASCTC/WASC-19"] [tag "OWASP_TOP_10/A1"] [tag "OWASP_AppSensor/CIE1"] [tag "PCI/6.5.2"] [hostname "mysite.com"] [uri "/wp-admin"] [unique_id "VbxTk2f3YKwAAO3nZtcAAAAS"]
    [Sat Aug 01 10:35:24 2015] [error] [client 123.252.231.21] ModSecurity: Access denied with code 406 (phase 2). Pattern match "(?i:(\\\\!\\\\=|\\\\&\\\\&|\\\\|\\\\||>>|<<|>=|<=|<>|<=>|xor|rlike|regexp|isnull)|(?:not\\\\s+between\\\\s+0\\\\s+and)|(?:is\\\\s+null)|(like\\\\s+null)|(?:(?:^|\\\\W)in[+\\\\s]*\\\\([\\\\s\\\\d\\"]+[^()]*\\\\))|(?:xor|<>|rlike(?:\\\\s+binary)?)|(?:regexp\\\\s+binary))" at REQUEST_COOKIES:__tawkuuid. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "6184"] [id "981319"] [rev "2"] [msg "SQL Injection Attack: SQL Operator Detected"] [data "Matched Data: || found within REQUEST_COOKIES:__tawkuuid: e||mysite.com||fuHs7JDWgpPKJJWn3rIyohyr0p8fOH3ndnb9yO76kA73fogyMMX9DBW6YZ2vsCFj||2"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "8"] [tag "OWASP_CRS/WEB_ATTACK/SQL_INJECTION"] [tag "WASCTC/WASC-19"] [tag "OWASP_TOP_10/A1"] [tag "OWASP_AppSensor/CIE1"] [tag "PCI/6.5.2"] [hostname "mysite.com"] [uri "/wp-admin/"] [unique_id "VbxTlGf3YKwAAO3nZtgAAAAS"]

    [Sat Aug 01 12:00:36 2015] [error] [client 123.252.231.21] ModSecurity: Warning. Match of "eq 1" against "&ARGS:CSRF_TOKEN" required. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "6033"] [id "981143"] [msg "CSRF Attack Detected - Missing CSRF Token."] [hostname "mysite.com"] [uri "/wp-login.php"] [unique_id "VbxnjGf3YKwAAOSijfsAAAAL"]
    [Sat Aug 01 12:00:37 2015] [error] [client 123.252.231.21] ModSecurity: Warning. Match of "eq 1" against "&ARGS:CSRF_TOKEN" required. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "6033"] [id "981143"] [msg "CSRF Attack Detected - Missing CSRF Token."] [hostname "mysite.com"] [uri "/wp-admin/css/login.min.css"] [unique_id "VbxnjWf3YKwAAOU@ptgAAAAx"]
    [Sat Aug 01 12:01:15 2015] [error] [client 123.252.231.21] ModSecurity: Warning. Match of "eq 1" against "&ARGS:CSRF_TOKEN" required. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "6033"] [id "981143"] [msg "CSRF Attack Detected - Missing CSRF Token."] [hostname "mysite.com"] [uri "/wp-admin/load-scripts.php"] [unique_id "Vbxns2f3YKwAAN76FGEAAAAF"]
    [Sat Aug 01 12:01:15 2015] [error] [client 123.252.231.21] ModSecurity: Warning. Match of "eq 1" against "&ARGS:CSRF_TOKEN" required. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "6033"] [id "981143"] [msg "CSRF Attack Detected - Missing CSRF Token."] [hostname "mysite.com"] [uri "/wp-admin/load-styles.php"] [unique_id "Vbxns2f3YKwAAOfO6OUAAAAI"]
    [Sat Aug 01 12:01:15 2015] [error] [client 123.252.231.21] ModSecurity: Warning. Match of "eq 1" against "&ARGS:CSRF_TOKEN" required. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "6033"] [id "981143"] [msg "CSRF Attack Detected - Missing CSRF Token."] [hostname "mysite.com"] [uri "/wp-admin/load-scripts.php"] [unique_id "Vbxns2f3YKwAAOfr6qcAAAAQ"]

    [Sat Aug 01 12:01:47 2015] [error] [client 123.252.231.21] ModSecurity: Access denied with code 406 (phase 2). Pattern match "(?i:(\\\\!\\\\=|\\\\&\\\\&|\\\\|\\\\||>>|<<|>=|<=|<>|<=>|xor|rlike|regexp|isnull)|(?:not\\\\s+between\\\\s+0\\\\s+and)|(?:is\\\\s+null)|(like\\\\s+null)|(?:(?:^|\\\\W)in[+\\\\s]*\\\\([\\\\s\\\\d\\"]+[^()]*\\\\))|(?:xor|<>|rlike(?:\\\\s+binary)?)|(?:regexp\\\\s+binary))" at REQUEST_COOKIES:__tawkuuid. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "6184"] [id "981319"] [rev "2"] [msg "SQL Injection Attack: SQL Operator Detected"] [data "Matched Data: || found within REQUEST_COOKIES:__tawkuuid: e||mysite.com||kdcosaYUpuxKKO3sDkfmEmXSizoN/XqD9vVzQtcDNHd1w6GMPyOMOI/ADewJtIxL||2"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "8"] [tag "OWASP_CRS/WEB_ATTACK/SQL_INJECTION"] [tag "WASCTC/WASC-19"] [tag "OWASP_TOP_10/A1"] [tag "OWASP_AppSensor/CIE1"] [tag "PCI/6.5.2"] [hostname "mysite.com"] [uri "/"] [unique_id "Vbxn02f3YKwAAOT0leQAAAAb"]
    [Sat Aug 01 12:01:49 2015] [error] [client 123.252.231.21] ModSecurity: Access denied with code 406 (phase 2). Pattern match "(?i:(\\\\!\\\\=|\\\\&\\\\&|\\\\|\\\\||>>|<<|>=|<=|<>|<=>|xor|rlike|regexp|isnull)|(?:not\\\\s+between\\\\s+0\\\\s+and)|(?:is\\\\s+null)|(like\\\\s+null)|(?:(?:^|\\\\W)in[+\\\\s]*\\\\([\\\\s\\\\d\\"]+[^()]*\\\\))|(?:xor|<>|rlike(?:\\\\s+binary)?)|(?:regexp\\\\s+binary))" at REQUEST_COOKIES:__tawkuuid. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "6184"] [id "981319"] [rev "2"] [msg "SQL Injection Attack: SQL Operator Detected"] [data "Matched Data: || found within REQUEST_COOKIES:__tawkuuid: e||mysite.com||kdcosaYUpuxKKO3sDkfmEmXSizoN/XqD9vVzQtcDNHd1w6GMPyOMOI/ADewJtIxL||2"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "8"] [tag "OWASP_CRS/WEB_ATTACK/SQL_INJECTION"] [tag "WASCTC/WASC-19"] [tag "OWASP_TOP_10/A1"] [tag "OWASP_AppSensor/CIE1"] [tag "PCI/6.5.2"] [hostname "mysite.com"] [uri "/wp-content/plugins/perch-shortcodes/includes/icon-picker/css/icon-picker.css"] [unique_id "Vbxn1Wf3YKwAAOT0leUAAAAb"]
    [Sat Aug 01 12:01:49 2015] [error] [client 123.252.231.21] ModSecurity: Access denied with code 406 (phase 2). Pattern match "(?i:(\\\\!\\\\=|\\\\&\\\\&|\\\\|\\\\||>>|<<|>=|<=|<>|<=>|xor|rlike|regexp|isnull)|(?:not\\\\s+between\\\\s+0\\\\s+and)|(?:is\\\\s+null)|(like\\\\s+null)|(?:(?:^|\\\\W)in[+\\\\s]*\\\\([\\\\s\\\\d\\"]+[^()]*\\\\))|(?:xor|<>|rlike(?:\\\\s+binary)?)|(?:regexp\\\\s+binary))" at REQUEST_COOKIES:__tawkuuid. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "6184"] [id "981319"] [rev "2"] [msg "SQL Injection Attack: SQL Operator Detected"] [data "Matched Data: || found within REQUEST_COOKIES:__tawkuuid: e||mysite.com||kdcosaYUpuxKKO3sDkfmEmXSizoN/XqD9vVzQtcDNHd1w6GMPyOMOI/ADewJtIxL||2"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "8"] [tag "OWASP_CRS/WEB_ATTACK/SQL_INJECTION"] [tag "WASCTC/WASC-19"] [tag "OWASP_TOP_10/A1"] [tag "OWASP_AppSensor/CIE1"] [tag "PCI/6.5.2"] [hostname "mysite.com"] [uri "/wp-content/plugins/perch-shortcodes/includes/icon-picker/fonts/genericons/genericons.css"] [unique_id "Vbxn1Wf3YKwAAOgC7KkAAAAT"]
    [Sat Aug 01 20:37:30 2015] [error] [client 123.252.231.21] ModSecurity: Access denied with code 406 (phase 2). Pattern match "(?i:(\\\\!\\\\=|\\\\&\\\\&|\\\\|\\\\||>>|<<|>=|<=|<>|<=>|xor|rlike|regexp|isnull)|(?:not\\\\s+between\\\\s+0\\\\s+and)|(?:is\\\\s+null)|(like\\\\s+null)|(?:(?:^|\\\\W)in[+\\\\s]*\\\\([\\\\s\\\\d\\"]+[^()]*\\\\))|(?:xor|<>|rlike(?:\\\\s+binary)?)|(?:regexp\\\\s+binary))" at REQUEST_COOKIES:__tawkuuid. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "6184"] [id "981319"] [rev "2"] [msg "SQL Injection Attack: SQL Operator Detected"] [data "Matched Data: || found within REQUEST_COOKIES:__tawkuuid: e||mysite.com||G8YMUoA8BA9GL73Si3nQmApSUTQnMBhMYMhiXf8gVXJFq6ldEWfH7jJa0YgRoQqh||2"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "8"] [tag "OWASP_CRS/WEB_ATTACK/SQL_INJECTION"] [tag "WASCTC/WASC-19"] [tag "OWASP_TOP_10/A1"] [tag "OWASP_AppSensor/CIE1"] [tag "PCI/6.5.2"] [hostname "mysite.com"] [uri "/wp-admin/"] [unique_id "Vbzgsmf3YKwAADBaHVUAAAAZ"]
    [Sat Aug 01 20:37:32 2015] [error] [client 123.252.231.21] ModSecurity: Access denied with code 406 (phase 2). Pattern match "(?i:(\\\\!\\\\=|\\\\&\\\\&|\\\\|\\\\||>>|<<|>=|<=|<>|<=>|xor|rlike|regexp|isnull)|(?:not\\\\s+between\\\\s+0\\\\s+and)|(?:is\\\\s+null)|(like\\\\s+null)|(?:(?:^|\\\\W)in[+\\\\s]*\\\\([\\\\s\\\\d\\"]+[^()]*\\\\))|(?:xor|<>|rlike(?:\\\\s+binary)?)|(?:regexp\\\\s+binary))" at REQUEST_COOKIES:__tawkuuid. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "6184"] [id "981319"] [rev "2"] [msg "SQL Injection Attack: SQL Operator Detected"] [data "Matched Data: || found within REQUEST_COOKIES:__tawkuuid: e||mysite.com||G8YMUoA8BA9GL73Si3nQmApSUTQnMBhMYMhiXf8gVXJFq6ldEWfH7jJa0YgRoQqh||2"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "8"] [tag "OWASP_CRS/WEB_ATTACK/SQL_INJECTION"] [tag "WASCTC/WASC-19"] [tag "OWASP_TOP_10/A1"] [tag "OWASP_AppSensor/CIE1"] [tag "PCI/6.5.2"] [hostname "mysite.com"] [uri "/wp-admin/"] [unique_id "VbzgtGf3YKwAADBaHVoAAAAZ"]
    [Sat Aug 01 20:37:59 2015] [error] [client 123.252.231.21] ModSecurity: Warning. Match of "eq 1" against "&ARGS:CSRF_TOKEN" required. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "6033"] [id "981143"] [msg "CSRF Attack Detected - Missing CSRF Token."] [hostname "mysite.com"] [uri "/wp-login.php"] [unique_id "Vbzgz2f3YKwAADSlwJsAAAAR"]
    [Sat Aug 01 20:38:00 2015] [error] [client 123.252.231.21] ModSecurity: Warning. Match of "eq 1" against "&ARGS:CSRF_TOKEN" required. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "6033"] [id "981143"] [msg "CSRF Attack Detected - Missing CSRF Token."] [hostname "mysite.com"] [uri "/wp-admin/css/login.min.css"] [unique_id "Vbzg0Gf3YKwAACjZuQoAAAAI"]
    [Sat Aug 01 20:38:08 2015] [error] [client 123.252.231.21] ModSecurity: Warning. Match of "eq 1" against "&ARGS:CSRF_TOKEN" required. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "6033"] [id "981143"] [msg "CSRF Attack Detected - Missing CSRF Token."] [hostname "mysite.com"] [uri "/wp-admin/load-styles.php"] [unique_id "Vbzg2Gf3YKwAADLfV8UAAABC"]
    [Sat Aug 01 20:38:09 2015] [error] [client 123.252.231.21] ModSecurity: Warning. Match of "eq 1" against "&ARGS:CSRF_TOKEN" required. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "6033"] [id "981143"] [msg "CSRF Attack Detected - Missing CSRF Token."] [hostname "mysite.com"] [uri "/wp-admin/load-scripts.php"] [unique_id "Vbzg2Wf3YKwAADLmXk8AAABJ"]
    [Sat Aug 01 20:38:09 2015] [error] [client 123.252.231.21] ModSecurity: Warning. Match of "eq 1" against "&ARGS:CSRF_TOKEN" required. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "6033"] [id "981143"] [msg "CSRF Attack Detected - Missing CSRF Token."] [hostname "mysite.com"] [uri "/wp-admin/load-scripts.php"] [unique_id "Vbzg2Wf3YKwAADLoYCMAAABL"]
    [Sat Aug 01 20:38:14 2015] [error] [client 123.252.231.21] ModSecurity: Access denied with code 406 (phase 2). Pattern match "(?i:(\\\\!\\\\=|\\\\&\\\\&|\\\\|\\\\||>>|<<|>=|<=|<>|<=>|xor|rlike|regexp|isnull)|(?:not\\\\s+between\\\\s+0\\\\s+and)|(?:is\\\\s+null)|(like\\\\s+null)|(?:(?:^|\\\\W)in[+\\\\s]*\\\\([\\\\s\\\\d\\"]+[^()]*\\\\))|(?:xor|<>|rlike(?:\\\\s+binary)?)|(?:regexp\\\\s+binary))" at REQUEST_COOKIES:__tawkuuid. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "6184"] [id "981319"] [rev "2"] [msg "SQL Injection Attack: SQL Operator Detected"] [data "Matched Data: || found within REQUEST_COOKIES:__tawkuuid: e||mysite.com||m1oJVSsPih8J2ec6wViZal4GWUzYifsz/dr8q6jOJwscxEBZVnOyse/Bwos9aZ8s||2"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "8"] [tag "OWASP_CRS/WEB_ATTACK/SQL_INJECTION"] [tag "WASCTC/WASC-19"] [tag "OWASP_TOP_10/A1"] [tag "OWASP_AppSensor/CIE1"] [tag "PCI/6.5.2"] [hostname "mysite.com"] [uri "/wp-admin/admin-ajax.php"] [unique_id "Vbzg3mf3YKwAADSGtsQAAAAF"]
    [Sat Aug 01 20:38:21 2015] [error] [client 123.252.231.21] ModSecurity: Warning. Match of "eq 1" against "&ARGS:CSRF_TOKEN" required. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "6033"] [id "981143"] [msg "CSRF Attack Detected - Missing CSRF Token."] [hostname "mysite.com"] [uri "/wp-admin/themes.php"] [unique_id "Vbzg5Wf3YKwAADSXuw8AAAAL"]
    [Sat Aug 01 20:38:23 2015] [error] [client 123.252.231.21] ModSecurity: Warning. Match of "eq 1" against "&ARGS:CSRF_TOKEN" required. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "6033"] [id "981143"] [msg "CSRF Attack Detected - Missing CSRF Token."] [hostname "mysite.com"] [uri "/wp-admin/load-scripts.php"] [unique_id "Vbzg52f3YKwAADSEs@0AAAAC"]
    [Sat Aug 01 20:38:26 2015] [error] [client 123.252.231.21] ModSecurity: Warning. Match of "eq 1" against "&ARGS:CSRF_TOKEN" required. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "6033"] [id "981143"] [msg "CSRF Attack Detected - Missing CSRF Token."] [hostname "mysite.com"] [uri "/wp-admin/load-styles.php"] [unique_id "Vbzg6mf3YKwAADSEs@4AAAAC"]
    [Sat Aug 01 20:38:27 2015] [error] [client 123.252.231.21] ModSecurity: Warning. Match of "eq 1" against "&ARGS:CSRF_TOKEN" required. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "6033"] [id "981143"] [msg "CSRF Attack Detected - Missing CSRF Token."] [hostname "mysite.com"] [uri "/wp-admin/load-scripts.php"] [unique_id "Vbzg62f3YKwAADSkv8UAAAAQ"]
    [Sat Aug 01 20:38:40 2015] [error] [client 123.252.231.21] ModSecurity: Warning. Match of "eq 1" against "&ARGS:CSRF_TOKEN" required. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "6033"] [id "981143"] [msg "CSRF Attack Detected - Missing CSRF Token."] [hostname "mysite.com"] [uri "/wp-admin/themes.php"] [unique_id "Vbzg@Gf3YKwAADLnX1EAAABK"]
    [Sat Aug 01 20:41:44 2015] [error] [client 123.252.231.21] ModSecurity: Warning. Match of "eq 1" against "&ARGS:CSRF_TOKEN" required. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "6033"] [id "981143"] [msg "CSRF Attack Detected - Missing CSRF Token."] [hostname "mysite.com"] [uri "/wp-login.php"] [unique_id "VbzhsGf3YKwAADjzJCIAAAAz"]
    [Sat Aug 01 20:41:44 2015] [error] [client 123.252.231.21] ModSecurity: Warning. Match of "eq 1" against "&ARGS:CSRF_TOKEN" required. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "6033"] [id "981143"] [msg "CSRF Attack Detected - Missing CSRF Token."] [hostname "mysite.com"] [uri "/wp-login.php"] [unique_id "VbzhsGf3YKwAADj8KmcAAAA8"]
    [Sat Aug 01 20:41:45 2015] [error] [client 123.252.231.21] ModSecurity: Warning. Match of "eq 1" against "&ARGS:CSRF_TOKEN" required. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "6033"] [id "981143"] [msg "CSRF Attack Detected - Missing CSRF Token."] [hostname "mysite.com"] [uri "/wp-admin/css/login.min.css"] [unique_id "VbzhsWf3YKwAADjwIksAAAAw"]
    [Sat Aug 01 20:41:46 2015] [error] [client 123.252.231.21] ModSecurity: Warning. Match of "eq 1" against "&ARGS:CSRF_TOKEN" required. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "6033"] [id "981143"] [msg "CSRF Attack Detected - Missing CSRF Token."] [hostname "mysite.com"] [uri "/wp-login.php"] [unique_id "Vbzhsmf3YKwAADj8KmsAAAA8"]
    [Sat Aug 01 20:41:48 2015] [error] [client 123.252.231.21] ModSecurity: Warning. Match of "eq 1" against "&ARGS:CSRF_TOKEN" required. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "6033"] [id "981143"] [msg "CSRF Attack Detected - Missing CSRF Token."] [hostname "mysite.com"] [uri "/wp-admin/css/login.min.css"] [unique_id "VbzhtGf3YKwAADj7KbMAAAA7"]

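After working for a day, the site stopped again.

Now we are getting this error:

This webpage is not available ERR_CONNECTION_REFUSED

Sometimes only the text loads and I get 404 not found for the other assets.

When I talked to the hosting people, they said the site is loading fine and working properly all over the globe.

I also cannot ping it, but I can run a website speed test on my site properly. I can access other websites normally, and I have checked that my firewall and antivirus are not blocking it.

I have spoken to our hosting people, and they say: you have an SQL injection problem, please look at the mod sec log file.

Please note: I have a log file of about 4000 lines; I just removed the common lines because of the limit.

Please help, and thanks in advance.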


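1 answer:

Answer 0 (score: 0)

Those are the old ways of turning off ModSecurity v1, and they do not work for v2, which I am guessing your host is using, as v1 is very, very old now and also because you are using the latest OWASP rules (2.2.9), which are not compatible with v1.

To remove individual rules for ModSecurity v2, you can use the following in your .htaccess file (note the different IfModule statement):

    <IfModule mod_security2.c>
      SecRuleRemoveById 981319
      SecRuleRemoveById 981143
    </IfModule>

To turn ModSecurity off completely, you should use:

    <IfModule mod_security2.c>
      SecRuleEngine Off
    </IfModule>

However, that means you lose all the security protection it provides, so I would recommend the first option. But you do need to keep a close eye on this in case there are any false positives in the future.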
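Before removing rules, it helps to see which ones actually blocked requests and on which variable. The following is an added example, not part of the original answer: it summarizes log lines in the format quoted in the question and, for a rule that blocked on a single named variable, builds a `SecRuleUpdateTargetById` exclusion as a narrower alternative to `SecRuleRemoveById`. The sample lines and function names are constructed, and the directive assumes ModSecurity 2.6 or later.

```python
import re
from collections import defaultdict

# Constructed sample in the format of the log lines quoted in the question
# (regex text shortened to "...", client address from a documentation range).
_F = '[file "/usr/local/apache/conf/modsec2.user.conf"]'
_DENY = ('[Sat Aug 01 12:01:47 2015] [error] [client 192.0.2.10] ModSecurity: '
         'Access denied with code 406 (phase 2). Pattern match "..." at '
         'REQUEST_COOKIES:__tawkuuid. ' + _F + ' [line "6184"] [id "981319"] '
         '[msg "SQL Injection Attack: SQL Operator Detected"] [uri "%s"]')
_WARN = ('[Sat Aug 01 12:00:36 2015] [error] [client 192.0.2.10] ModSecurity: '
         'Warning. Match of "eq 1" against "&ARGS:CSRF_TOKEN" required. ' + _F +
         ' [line "6033"] [id "981143"] '
         '[msg "CSRF Attack Detected - Missing CSRF Token."] [uri "%s"]')
SAMPLE_LOG = "\n".join(
    [_DENY % u for u in ("/", "/wp-admin/", "/wp-admin/admin-ajax.php")]
    + [_WARN % u for u in ("/wp-login.php", "/wp-admin/load-scripts.php")]
    + ["[Sat Aug 01 12:02:00 2015] [error] File does not exist: /favicon.ico"])

ACTION = re.compile(r"ModSecurity: (Access denied with code \d+|Warning)")
TARGET = re.compile(r' at (\S+)\. \[file |against "([^"]+)" required')
FIELD = re.compile(r'\[(id|msg|uri) "([^"]*)"\]')

def summarize(log_text):
    """Group ModSecurity entries by rule id: blocked vs. warned, targets, URIs."""
    rules = defaultdict(lambda: {"msg": "", "blocked": 0, "warned": 0,
                                 "targets": set(), "uris": set()})
    for line in log_text.splitlines():
        action = ACTION.search(line)
        fields = dict(FIELD.findall(line))
        if not action or "id" not in fields:
            continue  # not a ModSecurity rule hit
        rule = rules[fields["id"]]
        rule["msg"] = fields.get("msg", "")
        rule["warned" if action.group(1) == "Warning" else "blocked"] += 1
        target = TARGET.search(line)
        if target:
            rule["targets"].add(target.group(1) or target.group(2))
        rule["uris"].add(fields.get("uri", ""))
    return dict(rules)

def suggest_exclusions(rules):
    """For rules that blocked requests on exactly one named variable, propose
    excluding that variable from the rule instead of removing the whole rule."""
    out = []
    for rule_id, r in sorted(rules.items()):
        named = [t for t in r["targets"] if ":" in t and not t.startswith("&")]
        if r["blocked"] and len(r["targets"]) == 1 and named:
            out.append('SecRuleUpdateTargetById %s "!%s"' % (rule_id, named[0]))
    return out

if __name__ == "__main__":
    print(suggest_exclusions(summarize(SAMPLE_LOG)))
```

On the sample, only rule 981319 denied requests, always on the `__tawkuuid` cookie, while 981143 only logged warnings, so the single suggested exclusion keeps the SQL injection rule active for every other cookie and parameter.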