However when I login to a wordpress site I get blocked by fail2ban, I checked the modsec_audit.log and I see it logged the all the html code from the site.
How can I prevent this from happening?
A part form being blocked I noticed that when a user is logged in to wordpress everything in logged to modsec_audit.log, by everything I mean the html/php code from wordpress site which makes the log huge.
Please provide us your mod_security configuration.
Are you using CWAF rules or other ruleset?
What version of mod_security do you have?
What web-server installed (Apache, LiteSpeed, Nginx)?
Do you have any web hosting panel on your server (cPanel, Plesk etc) ?
If you using CWAF rules are you using CWAF plugin or vendor?
Seems you installed mod_security and some ruleset as dependency ( core rule set? ).
With CWAF enabled you don’t need configuration file ( /etc/httpd/conf.d/modsecurity.conf ) from this ruleset.
Please rename it to some other name so it’s directives will not interfere with CWAF modsecurity directives:
Now when I login to a wordpress site no more html code is loaded into modsec log.
I hope this does not indicate some misconfiguration ???