<<< Date Index >>>     <<< Thread Index >>>

Re: HYSA-2006-005 WordPress 2.0.1 Remote DoS Exploit



if you're using mod_security, try a variant of this ruleset:

SecFilterSelective "THE_REQUEST" "wp-register.php" "id:1004,deny,log,status:412"

#SecFilterRemove 1004 <- use this to remove the rule per virtual host, 
uncommented.