  1. #1

    Mod_Security Rules against Wordpress hacks

    Could you advise some mod_security rules (or sources) to prevent hacking WordPress shells via theme upload? I am trying to keep the rules up to date but they come with other ways of hacking.

    Thank you.
    Last edited by emresavas; 01-03-2014 at 01:20 PM.

  2. #2
    You can get the free gotroot rules, check out

    They are updated regularly.

  3. #3
    Join Date
    Mar 2010
    Los Angeles - CA
    Is your WordPress updated? Also, it's a good idea to password protect the wp-admin directory. Gotroot (Atomicorp) rules are great and I've been using those for many years.

    Don't forget to harden your server from the core; when the core is not secured, web application firewalls and protections don't protect your server.
    HugeServer Neworks, LLC - AS25780
    High Quality / High Bandwidth Servers in Los Angeles and Jacksonville
    Focused on our customer needs ! Quality , Customer Service and Uptime
    [email protected] | 888-842-8570

  4. #4
    Join Date
    Mar 2009
    Besides 3rd party rules, WordPress allows you to disable the plugin and theme editor, and update/installation too.
    You can also disable any upload via PHP if needed.
    ★ NinjaFirewall : Web Application Firewall for PHP and WordPress.
    ★ NinjaMonitoring : Monitor your website for suspicious activities.

  5. #5
    Atomicorp does not provide a free/delayed set of rules any more.

    There are some new free rules from Comodo but not widely tested yet.

  6. #6
    Join Date
    Dec 2007
    Add the following code in wp-config.php:
    /** Disable File Editing  */
    define('DISALLOW_FILE_EDIT', true);
    /** Disable file modification including install and update of themes and plugins  */
    /** Ask for FTP details when uploading and installing themes and plugins  */
    define('FS_METHOD', 'ftpext');
    Now move the wp-config.php file above public_html.
    YagHost - Pure SSD Hosting | Since 2007 | Average Response Time: 15 min
    Web Hosting | Reseller Hosting | Managed VPS Hosting
    99.9% Server Uptime Guarantee | 24/7 Rapid Response Tech Support | 30 Day Money Back Guarantee - Web Hosting Tutorials
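
An added example, not part of the original post: a Python check that a wp-config.php carries the settings described in post #6 and sits outside the document root. `DISALLOW_FILE_MODS` is an assumption here (it is the WordPress constant that matches the post's "disable file modification" comment, for which the post shows no define); the function names and the paths passed in are hypothetical.

```python
import re
from pathlib import Path

# define('NAME', value); on one line, either quote style around NAME.
DEFINE_RE = re.compile(r"""define\(\s*['"]([A-Z0-9_]+)['"]\s*,\s*(.+?)\s*\)\s*;""")
# Block comments and whole-line // or # comments. Crude, but it stops a
# commented-out define from being counted as set.
COMMENT_RE = re.compile(r"/\*.*?\*/|^[ \t]*(?://|#)[^\n]*", re.S | re.M)

# Values taken from the post. DISALLOW_FILE_MODS is an assumption: the post
# has the comment for it but no define line.
EXPECTED = {
    "DISALLOW_FILE_EDIT": "true",
    "DISALLOW_FILE_MODS": "true",
    "FS_METHOD": "ftpext",
}


def parse_defines(php_source):
    """Return {NAME: normalised value} for define() calls that are live code."""
    code = COMMENT_RE.sub("", php_source)
    return {name: value.strip("'\"").lower()
            for name, value in DEFINE_RE.findall(code)}


def audit(config_path, docroot):
    """Return a list of findings; an empty list means every check passed."""
    config_path = Path(config_path).resolve()
    docroot = Path(docroot).resolve()
    defines = parse_defines(
        config_path.read_text(encoding="utf-8", errors="replace"))
    findings = []
    for name, want in EXPECTED.items():
        got = defines.get(name)
        if got != want:
            findings.append(f"{name}: expected {want}, found {got or 'no define'}")
    # The post's last step: the file should live above public_html.
    if docroot in config_path.parents:
        findings.append(f"wp-config.php is inside the document root {docroot}")
    return findings


if __name__ == "__main__":
    import sys
    # Usage (hypothetical paths): audit.py /home/user/wp-config.php /home/user/public_html
    for finding in audit(sys.argv[1], sys.argv[2]):
        print("FINDING:", finding)
```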

  7. #7
    Best way is to always secure your WordPress by using Better WP Security plugin. It would take only a couple of minutes for the entire process!

  8. #8
    Join Date
    Jan 2014
    WordPress use technology atomicorp add ASL and rules ASL here steps

    1.- Install mod_security

    2.- install rules

    best regards

  9. #9
    Join Date
    Nov 2004
    Quote Originally Posted by DDHP Security View Post
    WordPress use technology atomicorp add ASL and rules ASL here steps
    As stated above, ASL no longer distributes a free version of their rules.

  10. #10
    Join Date
    Jan 2014
    Fort Lauderdale
    Also fail2ban could be used, there is a config that tracks wordpress access in the log; when it picks up something suspect based on the settings, the offender is thrown into a jail.
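
An added example, not from the original post and not fail2ban's own code or filter: the threshold logic post #10 describes, written in Python and run over access-log lines. The names `maxretry` and `findtime` follow fail2ban's settings; the log lines are constructed, and treating a 200 response to a wp-login.php POST as a failed login is an assumption about default WordPress behaviour.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Apache/nginx "combined" format: ip, timestamp, request line, status.
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" (?P<status>\d{3}) '
)

# Constructed sample: six login POSTs in one minute from one address, then a
# normal visitor who fails once and logs in (302 redirect).
SAMPLE_LOG = [
    f'203.0.113.7 - - [03/Jan/2014:13:20:{s:02d} +0000] '
    '"POST /wp-login.php HTTP/1.1" 200 3412 "-" "-"'
    for s in range(0, 60, 10)
] + [
    '198.51.100.20 - - [03/Jan/2014:13:21:05 +0000] "GET /wp-login.php HTTP/1.1" 200 2901 "-" "-"',
    '198.51.100.20 - - [03/Jan/2014:13:21:30 +0000] "POST /wp-login.php HTTP/1.1" 200 3412 "-" "-"',
    '198.51.100.20 - - [03/Jan/2014:13:21:52 +0000] "POST /wp-login.php HTTP/1.1" 302 - "-" "-"',
]


def find_offenders(lines, maxretry=5, findtime=timedelta(minutes=10)):
    """Return {ip: time the threshold was hit} for addresses with at least
    maxretry failed wp-login.php POSTs inside a findtime window.
    Lines are assumed to be in chronological order, as in a live log."""
    recent = defaultdict(deque)   # ip -> timestamps still inside the window
    jailed = {}
    for line in lines:
        m = LINE_RE.match(line)
        if not m or m["method"] != "POST" or m["status"] != "200":
            continue
        # Ignore query strings and sub-directory installs.
        if m["path"].split("?", 1)[0].rsplit("/", 1)[-1] != "wp-login.php":
            continue
        ip = m["ip"]
        if ip in jailed:
            continue
        ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
        window = recent[ip]
        window.append(ts)
        while ts - window[0] > findtime:   # drop attempts older than findtime
            window.popleft()
        if len(window) >= maxretry:
            jailed[ip] = ts
    return jailed
```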

  11. #11
    Join Date
    Nov 2013
    Please go through the below link on how to effectively fight against brute force attacks on wordpress

  12. #12
    Hello again, after nearly five months I have come up with some information on how we dealt with this issue.

    *First we determined the old Wordpress installations and warned the users one by one.

    *Then we installed ConfigServer eXploit Scanner on all of our cPanel servers and scanned them. As we hoped, CXS found all the malicious code and cleaned it.

    *As the third step, we signed up to Atomicorp to get up-to-date mod_sec rules and we integrated them with the ConfigServer ModSec plugin on every cPanel server.

    Now we are scanning every shared hosting account every night via ConfigServer CXS before the backup process. To sum up, the steps above satisfied us and solved the problem. If you configure your ConfigServer ModSec well, it catches nearly all harmful processes, but I advise you to use CXS for deep investigation and detailed scans.

    If you have any addition or idea for this approach, please clarify.
    Last edited by emresavas; 04-26-2014 at 05:13 PM. Reason: typo
