Enable gui for user to override modsec rules?


Jul 21, 2014
cPanel Access Level
Root Administrator
Is there a gui or method already for end users to override or append a modsec rule for just their account. I can see they can turn off modsec for domains. But was looking for a place to override specific rules required for applications.


Well-Known Member
Oct 20, 2009
cPanel Access Level
DataCenter Provider

jjozwik referenced that in his first post. Yes, there is a way for users to disable modsec entirely, but the domain manager does not yet support disabling individual rules (unfortunately). I have found a slight increase in hacked sites since users have been able to disable modsecurity for themselves, and I advise all of our customers to completely disable the modsecurity domain manager for their users because of this.

Hopefully, this will be added in the future so that users can disable individual rule IDs for their sites without such a major risk. Many of the hacked sites I worked on recently were hacked due to the cPanel user disabling ModSecurity on their own sites.

In the mean time you are left to modify the userdata includes files as referenced from httpd.conf to remove individual rule IDs on a per-site basis. This is also a feature of ConfigServer Modsec Control. You can insert lines into these files with "SecRuleRemoveByID $RULEID" to disable individual rules for the user/site.


Staff member
Apr 11, 2011
Hello :)

I could not find an existing feature request open for this, so it's likely a good idea to submit a feature request via:

Submit A Feature Request

This will allow users to track the implementation of the feature should our developers decide to implement it.

Thank you.