The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

How to disable mod_security2 rule for one domain?

Discussion in 'Security' started by Kh@lid, Nov 17, 2007.

  1. Kh@lid

    Kh@lid Member

    Joined:
    Apr 29, 2003
    Messages:
    20
    Likes Received:
    0
    Trophy Points:
    1
    Hello,

    I'm getting this error message:
    Code:
    Not Acceptable
    
    An appropriate representation of the requested resource /admin/index.php could not be found on this server.
    And I've been told that I have to add this in .htaccess:
    Code:
    <IfModule mod_security.c>
       SecFilterEngine Off
       SecFilterScanPOST Off
    </IfModule>
    
    Which is impossible now.

    I've tried to add it in httpd.conf but didn't solve the problem.

    How can I solve this? OR Disable mod_sec on one domain?
     
  2. bidhata

    bidhata Member

    Joined:
    Mar 26, 2004
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    India
    Code:
    <IfModule mod_security.c>
    SecRuleEngine Off
    </IfModule>
    
    this will work ...
     
  3. vittle

    vittle Member

    Joined:
    Apr 18, 2004
    Messages:
    10
    Likes Received:
    0
    Trophy Points:
    1
    This does not seem to work after a while. Instead, we used this method to disable it for specific domains:

    The only way to bypass mod_security2 in Apache 2 is to manually edit httpd.conf. However, as cPanel autogenerates this, one must directly edit the httpd template files that cPanel uses to generate the httpd.conf. Namely, in /var/cpanel/templates/apache2/vhost.default

    Add the following line before the </VirtualHost> closing tag


    Code:
    [% IF vhost.servername == 'domain.com' || vhost.servername == 'domain2.com' -%]
    ## CUSTOM RULE BY POLURNET.COM TO BYPASS MOD_SECURITY2 FOR SPECIFIC DOMAINS
    <IfModule mod_security2.c>
    SecRuleEngine Off
    </IfModule>
    [% END -%]

    After adding this, you must also remember to re-generate the template (run /usr/local/cpanel/bin/build_apache_conf) and restart Apache/httpd, otherwise changes won't take effect.
     
  4. sparek-3

    sparek-3 Well-Known Member

    Joined:
    Aug 10, 2002
    Messages:
    1,384
    Likes Received:
    23
    Trophy Points:
    38
    cPanel Access Level:
    Root Administrator
    Just create a directory:

    mkdir -p /usr/local/apache/conf/userdata/std/2/username/domain.com

    Then create a file:

    /usr/local/apache/conf/userdata/std/2/username/domain.com/mod_security.conf

    In that file add:

    <IfModule mod_security.c>
    SecRuleEngine Off
    </IfModule>


    Save it.

    Then run:

    /scripts/ensure_vhost_includes --user=username
     
  5. ovisopa

    ovisopa Member

    Joined:
    Apr 12, 2007
    Messages:
    18
    Likes Received:
    0
    Trophy Points:
    1
    Any new/simple way to disable mod_security2 for just one domain .. after 2 years of this thread was started ??

    I'm using cPanel 11.24.4-S35075 - WHM 11.24.2 - X 3.9
    Apache2 / suPHP / mod_security2

    I found a comment on a blog:

    SecRule SERVER_NAME “domain.com” phase:1,nolog,allow,ctl:ruleEngine=off

    this should be added to modsec2.conf ?

    For now, to solve the problem one website had with a flash uploader I have removed the rule marked with red, on the bellow code

    #spam bots
    SecRule HTTP_User-Agent "DTS Agent"
    SecRule HTTP_User-Agent "POE-Component-Client"
    SecRule HTTP_User-Agent "WISEbot"
    SecRule HTTP_User-Agent "^Shockwave Flash"
    SecRule HTTP_User-Agent "Missigua"


    10x
     
  6. Ryein

    Ryein Registered

    Joined:
    Jan 28, 2011
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    1
    Thanks that helped me with a similar issue.
     
  7. mikegotroot

    mikegotroot Well-Known Member

    Joined:
    Apr 29, 2008
    Messages:
    85
    Likes Received:
    1
    Trophy Points:
    8
    Close, make sure you anchor the end otherwise you may match on something else, and escape your "."s:

    SecRule SERVER_NAME "\.example\.com$" "phase:1,nolog,noauditlog,allow,ctl:ruleEngine=Off"

    https://www.atomicorp.com/wiki/index.php/Mod_security#Disabling_Mod_security_per_domain

    And dont auditlog.
     
Loading...

Share This Page