
mod_security is playing havoc with my wpmu setup (4 posts)

  1. anointed
    Member
    Posted 15 years ago #

    I noticed a lot of links on my site were returning 403 errors. Events like trying to log in, or show thumbnails, etc.

    So I went into the server error logs and found the following example:

    mod_security: Access denied with code 403. Pattern match "\\\\.php\\\\?(([a-zA-Z0-9\\\\-\\\\_\\\\.\\\\[\\\\]]*)=(http|https|ftp))" at REQUEST_URI [id "6600001"][rev "1"] [msg "Hsphere Rules 1: experimental rule for most php application attacks. Report false positives"] [severity "CRITICAL"] [hostname "blog.mywebsite.net"] [uri "/wp-login.php?redirect_to=http%3A%2F%2Fblog.mywebsite.net%2F"] [unique_id "SYzuasz1K2IAAGeVDM4"]

    This happens anytime there is a redirect rule in the url.

    This is actually a good thing, other than wpmu not working lol..

    Question:
    Is there a mod_security exception list available for wpmu so I don't have to make my own?

    How does everyone else handle this issue?

    Obviously I would not want to disable mod_security as it's actually doing a great job blocking a ton of garbage attacks.

  2. VentureMaker
    Member
    Posted 15 years ago #

    From my experience, using mod_security is a pain.
    BTW, are you on HSphere?

  3. tdjcbe
    Member
    Posted 15 years ago #

    We had this problem a while back. I *thought* there was something in the readme file about it but I'm not seeing it.

    Please try the solution from this post. I think it's what solved the problem:

    http://wordpress.org/support/topic/126502?replies=7#post-610874

    Edit: Also make sure the last six lines from this file are in your .htaccess file:

    http://trac.mu.wordpress.org/browser/trunk/htaccess.dist

  4. anointed
    Member
    Posted 15 years ago #

    VentureMaker: Yes, I run Hsphere and so far it has been good to me.

    tdjcbe: Thanks for the links, though they both talk about basically disabling mod_security which imho is just plain wrong and dangerous.

    As the links that would cause problems in wpmu are obviously the same for everyone, does anyone care to share their rule sets for wpmu?

About this Topic

  • Started 15 years ago by anointed
  • Latest reply from anointed
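
An added example (not written by any poster in this thread, and not WPMU or H-Sphere code): a Python triage script that sorts rule 6600001 denials like the one quoted in the first post into those whose URL parameter points back at the blog's own hostname and those that point elsewhere, which is what you need to know before writing a narrowly scoped exception instead of disabling the rule. The log lines are constructed, and the unescaped form of the rule pattern is an assumption based on the quoted log entry.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Rule 6600001's pattern as quoted in the log entry, with the log's extra
# backslash escaping removed (assumption about the original rule text).
RULE_6600001 = re.compile(r"\.php\?(([a-zA-Z0-9\-_.\[\]]*)=(http|https|ftp))")
FIELD = re.compile(r'\[(\w+) "([^"]*)"\]')  # [name "value"] pairs in the entry

# Constructed sample entries modelled on the one in the first post.
SAMPLE_LOG = [
    'mod_security: Access denied with code 403. [id "6600001"] '
    '[hostname "blog.mywebsite.net"] '
    '[uri "/wp-login.php?redirect_to=http%3A%2F%2Fblog.mywebsite.net%2F"]',
    'mod_security: Access denied with code 403. [id "6600001"] '
    '[hostname "blog.mywebsite.net"] '
    '[uri "/index.php?page=http://files.example.org/x.txt"]',
]

def triage(line):
    """Classify one rule-6600001 denial as same-host or off-host."""
    fields = dict(FIELD.findall(line))
    if fields.get("id") != "6600001" or "uri" not in fields:
        return None
    uri, host = fields["uri"], fields.get("hostname", "").lower()
    if not RULE_6600001.search(uri):
        return None
    targets = []
    for name, value in parse_qsl(urlsplit(uri).query, keep_blank_values=True):
        if re.match(r"(?i)(https?|ftp)", value):
            # hostname is None when the value has no authority part
            targets.append((name, (urlsplit(value).hostname or "").lower()))
    # Exact host comparison: other blogs in a subdomain install count as off-host.
    same_host = bool(targets) and all(h == host for _, h in targets)
    return {"uri": uri, "targets": targets,
            "verdict": "same-host" if same_host else "off-host"}

def summarize(lines):
    """Triage every line, dropping entries from other rules."""
    return [r for r in map(triage, lines) if r is not None]

if __name__ == "__main__":
    for r in summarize(SAMPLE_LOG):
        print(r["verdict"], r["uri"], r["targets"])
```

Scripts and parameter names that only ever appear with a same-host verdict (here `wp-login.php` with `redirect_to`) are the candidates for a per-location exception; off-host entries are the traffic the rule was written to stop.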