The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Any user can turn off mod_security!!!!!!

Discussion in 'cPanel Developers' started by rs-freddo, Feb 6, 2006.

  1. rs-freddo

    rs-freddo Well-Known Member

    Joined:
    May 13, 2003
    Messages:
    832
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    Australia
    cPanel Access Level:
    Root Administrator
  2. verdon

    verdon Well-Known Member

    Joined:
    Nov 1, 2003
    Messages:
    836
    Likes Received:
    2
    Trophy Points:
    18
    Location:
    Northern Ontario, Canada
    cPanel Access Level:
    Root Administrator
    Not if you install it manually :D
     
  3. qwerty

    qwerty Well-Known Member

    Joined:
    Jan 21, 2003
    Messages:
    213
    Likes Received:
    0
    Trophy Points:
    16
    modsec can be turned off via .htaccess regardless of whether you've installed modsec through WHM or manually
     
  4. rs-freddo

    rs-freddo Well-Known Member

    Joined:
    May 13, 2003
    Messages:
    832
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    Australia
    cPanel Access Level:
    Root Administrator
    If it's compiled properly it can't be turned off.
     
  5. anup123

    anup123 Well-Known Member

    Joined:
    Mar 29, 2004
    Messages:
    897
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    This Planet
    I have voted in good "hope".
    However, wouldn't just running following (and disabling aut update to this module in WHM) serve the purpose

    cd /usr/src/modsecurity-apache-1.9.1/apache1

    /usr/local/apache/bin/apxs -ci -D DISABLE_HTACCESS_CONFIG mod_security.c

    That should serve the purpose?

    I know it's just a matter of adding -D DISABLE_HTACCESS_CONFIG from cpanel to

    /var/cpanel/apachemod/modsecurity.apache

    but till then would/shouldn't the above be sufficient?

    TIA
    Anup
     
  6. anup123

    anup123 Well-Known Member

    Joined:
    Mar 29, 2004
    Messages:
    897
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    This Planet
    cd /usr/src/modsecurity-apache-1.9.1/apache1
    /usr/local/apache/bin/apxs -ci -D DISABLE_HTACCESS_CONFIG mod_security.c

    restart httpd

    don't forget to Uncheck the checkbox "Install and Keep Updated" in WHM > Add on Modules for mod_security. Tried disabling mod_security in htaccess and got ISE so i presume that it works.

    Anup
     
  7. mtindor

    mtindor Well-Known Member

    Joined:
    Sep 14, 2004
    Messages:
    1,279
    Likes Received:
    36
    Trophy Points:
    48
    Location:
    inside a catfish
    cPanel Access Level:
    Root Administrator
    I know this is an old thread. however, it would still be great if cPanel would include an option to compile mod_security with DISABLE_HTACCESS_CONFIG.

    Mike
     
Loading...

Share This Page