After upgrading my site to version 3.5.2 a few days ago I now have a problem where I can't create new posts or preview posts. And once I try to publish a post, I then can't log back into my Admin panel for a while. (I have seen others reporting similar behavior following the 3.5.2 upgrade.)
After enabling error log collection on my server, it looks like this is a ModSecurity problem - for some reason when I try to create a post, it thinks that I am "bot" and then blocks my IP address from logging in through the Admin page for a while. Here is an example from my server error logs:
[Tue Jul 09 10:33:19 2013] [error] [client 173.197.98.2] ModSecurity: Access denied with connection close (phase 3). Pattern match "block" at TX:evalaction. [file "/web/httpd2/modsecurity.d/activated_rules/modsecurity_gd_07_post_guardian.conf"] [line "25"] [id "10705"] [msg "BLOCKED - Bot detected! Score: 44"] [hostname "mcmikephoto.com"] [uri "/wp-admin/post.php"] [unique_id "UdxJX7iomGYAAAMt2yEAAAA6"]
[Tue Jul 09 10:33:38 2013] [error] [client 173.197.98.2] ModSecurity: Access denied with connection close (phase 3). Pattern match "block" at TX:evalaction. [file "/web/httpd2/modsecurity.d/activated_rules/modsecurity_gd_07_post_guardian.conf"] [line "25"] [id "10705"] [msg "BLOCKED - Botnet IP found!"] [hostname "mcmikephoto.com"] [uri "/wp-admin/admin-ajax.php"] [unique_id "UdxJcriomGYAAG7nS78AAAC5"]
My provider is GoDaddy (which from what I have seen is not a good thing when it comes to problems like this.) Any suggestions on what I should ask GoDaddy to do would be much appreciated. (Unfortunately, I a m on a shared server so don't have control over everything on the server.)
Thanks!
