An error occurred while updating Wordpress: Could not create directory

Operating system: Debian
OS version: 9

attempting to update a wordpress on virtual server and i get the following error…(individual plugins also fail to update as well)

Update WordPress

Downloading update from https://downloads.wordpress.org/release/wordpress-5.7.2-new-bundled.zip…

The authenticity of wordpress-5.7.2-new-bundled.zip could not be verified as no signature was found.

Unpacking the update…

Could not create directory.

Installation failed.

The most recent virtual server error immediately after i try to run automatic wordpress update is as follows:

[Sat Jun 26 10:06:09.823147 2021] [:error] [pid 17096:tid 140560237025024] [client 180.149.125.175:25979] [client 180.149.125.175] ModSecurity: Warning. Pattern match “[1]+$” at REQUEST_HEADERS:Host. [file “/usr/share/modsecurity-crs/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf”] [line “793”] [id “920350”] [rev “2”] [msg “Host header is a numeric IP address”] [data “104.156.233.188”] [severity “WARNING”] [ver “OWASP_CRS/3.0.0”] [maturity “9”] [accuracy “9”] [tag “application-multi”] [tag “language-multi”] [tag “platform-multi”] [tag “attack-protocol”] [tag “OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST”] [tag “WASCTC/WASC-21”] [tag “OWASP_TOP_10/A7”] [tag “PCI/6.5.10”] [hostname “104.156.233.188”] [uri “/”] [unique_id “YNZvcWic6bwAAELIs2MAAAAQ”]

I dont even know what this log file error means for problem solving the wordpress core auto update issue

EDIT
I changed setting in mod security such that
SecRuleEngine DetectionOnly

restarted apache

still get the same error when i try to run wordpress core updates.


  1. \\d.: ↩︎

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.