Course press Pro giving 406 mod security error

When I have course press pro active, I cannot login to my admin through wordpress. When I disable the plugin, I can log in. It gives me a 406 error blocked my mod security. The hosting company when I contacted them said it was an error in the plugin. I did a fresh install of Wordpress and only have WPMU plug-ins installed.

  • Kasia Swiderska
    • Support nomad

    Hello Miles,

    Is there a chance your hosting provider could provide more information about this error? I could not replicate this issue on my site.

    Also could you check debug.log for your WordPress site? To enable it, open your wp-config.php file and look for define(‘WP_DEBUG’, false);. Change it to:

    define('WP_DEBUG', true);

    In order to enable the error logging to a file on the server you need to add yet one more similar line:

    define( 'WP_DEBUG_LOG', true );

    In this case the errors will be saved to a debug.log log file inside the /wp-content/directory.

    Depending on whether you want your errors to be only logged or also displayed on the screen you should also have this line there, immediately after the line mentioned above:

    define( 'WP_DEBUG_DISPLAY', false );

    The wp-config.php is located in your WordPress root directory. It’s the same file where the database configuration settings are. You will have to access it by FTP or SFTP in order to edit it. I would need then to see contents of the debug.log file - so please paste it to the text file and attach to post.

    kind regards,
    Kasia

    • Miles
      • WPMU DEV Initiate

      Quick update.

      I was able to contact my hosting provider and do some debugging.

      It turns out that Mod Security is having a problem because of the redirect that the Coursepress Pro plugin does when logging in to the /course-dashboard/ instead of the usual area that wordpress admin logs in to.

      So, in other words, when I go to mysite.com/wp-admin it open the login screen. I log in and it gives me the error. We disabled mod security and I log in from the same place and it takes me to mysite.com/course-dashboard instead of to the usual wp-admin panel. I have to then click "dashboard" from the dropdown of my site name along the top bar to get to the usual area. This re-direct that Coursepress does is what is creating the issue. Is there a way to disable the automatic re-direct for just mysite.com/wp-admin/? I think that would fix it. My other alternative that I've found so far is to whitelist my IP address for mod-security, but I'd prefer a more complete fix where I can log in from any location of course.

      Let me know your thoughts. Since I've found what I believe the issue is, should I still run debugging or is this enough information?

      Thanks!
      -Miles

  • Kasia Swiderska
    • Support nomad

    Hello Miles,

    Actually redirect option is only for students. If its enabled and your admin user is redirected to students dashboard that only mean that your user is added as student to one of the courses. Removing your admin user from students list should disable redirects for that user.

    Can you ask your hosting provider what exact mod_security rule CoursePress is hitting with that redirect?

    kind regards,
    Kasia

Thank NAME, for their help.

Let NAME know exactly why they deserved these points.

Gift a custom amount of points.