How to disable mod_security2 rule for one domain?

[Kh@lid]

Hello,

I'm getting this error message:

Code:

Not Acceptable

An appropriate representation of the requested resource /admin/index.php could not be found on this server.

And I've been told that I have to add this in .htaccess:

Code:

<IfModule mod_security.c>
   SecFilterEngine Off
   SecFilterScanPOST Off
</IfModule>

Which is impossible now.

I've tried to add it in httpd.conf but didn't solve the problem.

How can I solve this? OR Disable mod_sec on one domain?

[bidhata]

Code:

<IfModule mod_security.c>
SecRuleEngine Off
</IfModule>

this will work ...

[vittle]

Quote:

Originally Posted by bidhata

Code:

<IfModule mod_security.c>
SecRuleEngine Off
</IfModule>

this will work ...

This does not seem to work after a while. Instead, we used this method to disable it for specific domains:

The only way to bypass mod_security2 in Apache 2 is to manually edit httpd.conf. However, as cPanel autogenerates this, one must directly edit the httpd template files that cPanel uses to generate the httpd.conf. Namely, in /var/cpanel/templates/apache2/vhost.default

Add the following line before the </VirtualHost> closing tag

Code:

[% IF vhost.servername == 'domain.com' || vhost.servername == 'domain2.com' -%]
## CUSTOM RULE BY POLURNET.COM TO BYPASS MOD_SECURITY2 FOR SPECIFIC DOMAINS
<IfModule mod_security2.c>
SecRuleEngine Off
</IfModule>
[% END -%]

After adding this, you must also remember to re-generate the template (run /usr/local/cpanel/bin/build_apache_conf) and restart Apache/httpd, otherwise changes won't take effect.

[sparek-3]

Just create a directory:

mkdir -p /usr/local/apache/conf/userdata/std/2/username/domain.com

Then create a file:

/usr/local/apache/conf/userdata/std/2/username/domain.com/mod_security.conf

In that file add:

<IfModule mod_security.c>
SecRuleEngine Off
</IfModule>

Save it.

Then run:

/scripts/ensure_vhost_includes --user=username

[ovisopa]

Any new/simple way to disable mod_security2 for just one domain .. after 2 years of this thread was started ??

I'm using cPanel 11.24.4-S35075 - WHM 11.24.2 - X 3.9
Apache2 / suPHP / mod_security2

I found a comment on a blog:

SecRule SERVER_NAME “domain.com” phase:1,nolog,allow,ctl:ruleEngine=off

this should be added to modsec2.conf ?

For now, to solve the problem one website had with a flash uploader I have removed the rule marked with red, on the bellow code

#spam bots
SecRule HTTP_User-Agent "DTS Agent"
SecRule HTTP_User-Agent "POE-Component-Client"
SecRule HTTP_User-Agent "WISEbot"
SecRule HTTP_User-Agent "^Shockwave Flash"
SecRule HTTP_User-Agent "Missigua"

10x