How to disable mod_security2 rule for one domain?
Hello,
I'm getting this error message:
And I've been told that I have to add this in .htaccess:Code:Not Acceptable An appropriate representation of the requested resource /admin/index.php could not be found on this server.
Which is impossible now.Code:<IfModule mod_security.c> SecFilterEngine Off SecFilterScanPOST Off </IfModule>
I've tried to add it in httpd.conf but didn't solve the problem.
How can I solve this? OR Disable mod_sec on one domain?
Regards,
Khalid
this will work ...Code:<IfModule mod_security.c> SecRuleEngine Off </IfModule>
Impossible = "I" "m" "Possible".
This does not seem to work after a while. Instead, we used this method to disable it for specific domains:Originally Posted by bidhata
The only way to bypass mod_security2 in Apache 2 is to manually edit httpd.conf. However, as cPanel autogenerates this, one must directly edit the httpd template files that cPanel uses to generate the httpd.conf. Namely, in /var/cpanel/templates/apache2/vhost.default
Add the following line before the </VirtualHost> closing tag
Code:[% IF vhost.servername == 'domain.com' || vhost.servername == 'domain2.com' -%] ## CUSTOM RULE BY POLURNET.COM TO BYPASS MOD_SECURITY2 FOR SPECIFIC DOMAINS <IfModule mod_security2.c> SecRuleEngine Off </IfModule> [% END -%]
After adding this, you must also remember to re-generate the template (run /usr/local/cpanel/bin/build_apache_conf) and restart Apache/httpd, otherwise changes won't take effect.
Just create a directory:
mkdir -p /usr/local/apache/conf/userdata/std/2/username/domain.com
Then create a file:
/usr/local/apache/conf/userdata/std/2/username/domain.com/mod_security.conf
In that file add:
<IfModule mod_security.c>
SecRuleEngine Off
</IfModule>
Save it.
Then run:
/scripts/ensure_vhost_includes --user=username
Any new/simple way to disable mod_security2 for just one domain .. after 2 years of this thread was started ??
I'm using cPanel 11.24.4-S35075 - WHM 11.24.2 - X 3.9
Apache2 / suPHP / mod_security2
I found a comment on a blog:
SecRule SERVER_NAME “domain.com” phase:1,nolog,allow,ctl:ruleEngine=off
this should be added to modsec2.conf ?
For now, to solve the problem one website had with a flash uploader I have removed the rule marked with red, on the bellow code
#spam bots
SecRule HTTP_User-Agent "DTS Agent"
SecRule HTTP_User-Agent "POE-Component-Client"
SecRule HTTP_User-Agent "WISEbot"
SecRule HTTP_User-Agent "^Shockwave Flash"
SecRule HTTP_User-Agent "Missigua"
10x
Re: How to disable mod_security2 rule for one domain?
Thanks that helped me with a similar issue.
Re: How to disable mod_security2 rule for one domain?
Close, make sure you anchor the end otherwise you may match on something else, and escape your "."s:SecRule SERVER_NAME “domain.com” phase:1,nolog,allow,ctl:ruleEngine=off
this should be added to modsec2.conf ?
SecRule SERVER_NAME "\.example\.com$" "phase:1,nolog,noauditlog,allow,ctl:ruleEngine=Off"
https://www.atomicorp.com/wiki/index...ity_per_domain
And dont auditlog.
Michael Shinn
Prometheus Global - home of gotroot.com and Atomicorp and
Secure Your Server Now with Atomic Secured Linux!
LinkBack URL
About LinkBacks
Reply With Quote