Disable Mod Security for a specific domain

If Apache is compiled with SuPhp and Mod Security, do the following:
mkdir -p /usr/local/apache/conf/userdata/std/2/<USERNAME>/<DOMAIN NAME>
Then create a mod_security conf file:

touch /usr/local/apache/conf/userdata/std/2/<USERNAME>/<DOMAIN NAME >/mod_security.conf
Using your favorite Linux Text editor such as pico or vi, add the following directive(s) in that file:

<IfModule mod_security2.c>
SecRuleEngine Off
</IfModule>
Save the file and then run:

/scripts/ensure_vhost_includes –user=USERNAME

If Apache is NOT compiled with SuPhp and Mod Security, do the following:

You can implement one of the following two options:

1. Add the following directive in .htaccess file:

<IfModule mod_security.c>
SecFilterEngine Off
SecFilterScanPOST Off
</IfModule>
If that didn’t work on your server ,

2. SSH to the server and add the following directive to /etc/httpd/conf/httpd.conf file:

<IfModule mod_security2.c>
SecRuleEngine Off
</IfModule>

Advertisements
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: