Quote:
Originally Posted by edenent
Hello I had been using shared hosting for along time to run my sites. Well the other day I got a vps running centos5 and using cpanel/whm. I have used easy appache and enabled mod_security, and im using the gotroot rules. What im looking to do sence only one of the 3 sites I have on the vps is broken because of the rules is how do I set AllowOverride for just that one virtualhost so I can use htacces to SecFilterEngine Off. Im somewhat of a linux noob, so please use easy terms  . |
Depending on how Mod_Security has been compiled on your server,
you may or may not have the option of turning off Mod_Security using
the "
SecFilterEngine Off" in your web hosting account .HTACCESS file.
You keep asking about "
AllowOverride" in your post above, but that is really
not the issue here at all. Some people don't realize that Mod_Security
can be optionally compiled at install time so as to to not allow any website
to override the security settings via .HTACCESS and this option was created
for a good reason as Mod_Security would be pretty if every website could
just simply "
Turn it Off" and you will find that more and more servers have
this option setup as the default with no "
SecFilterEngine Off" commands!
Instead of turning off Mod_Security, which defeats the entire purpose
of you having security setup in the first place, I would recommend that
you instead find out which rules are being triggered for the site having
problems and write in exceptions to those rules so that they are no
longer being triggered anymore. A simple review of your log file at
/usr/local/apache/logs/modsec_audit.log will tell you very quickly
what rule is getting triggered and why it is getting triggered and
from that, you should be able to add a custom exemption rule for
the site if you find the rule should not be triggered. In some cases,
you may find the web site is actually doing something it should not
be doing and you might find you actually want to leave the rule in place
and instead change out the offending program on the web site instead.
On a different but related note ...
Now one thing that does concern me is you mentioning that you
are running a VPS server and that you are using the ruleset from
"Got Root" for Mod_Security. Those two items almost seem like
an oxymoron in the same sentence together as VPS servers are
far too often very limited in resources compared to real actual
dedicated servers and running extra processes like Mod_Security
or a large ruleset as you find with the "Got Root" rules could
be very taxing resource wise on a server with such limited
resources as you commonly find with most VPS servers.