How to disable mod_security2 rule for one domain?

[Kh@lid]

Hello,

I'm getting this error message:

Not Acceptable

An appropriate representation of the requested resource /admin/index.php could not be found on this server.

And I've been told that I have to add this in .htaccess:

<IfModule mod_security.c>
   SecFilterEngine Off
   SecFilterScanPOST Off
</IfModule>

Which is impossible now.

I've tried to add it in httpd.conf but didn't solve the problem.

How can I solve this? OR Disable mod_sec on one domain?

 

[bidhata]

<IfModule mod_security.c>
SecRuleEngine Off
</IfModule>

this will work ...

 

[vittle]

<IfModule mod_security.c>
SecRuleEngine Off
</IfModule>

this will work ...

This does not seem to work after a while. Instead, we used this method to disable it for specific domains:

The only way to bypass mod_security2 in Apache 2 is to manually edit httpd.conf. However, as cPanel autogenerates this, one must directly edit the httpd template files that cPanel uses to generate the httpd.conf. Namely, in /var/cpanel/templates/apache2/vhost.default

Add the following line before the </VirtualHost> closing tag

[% IF vhost.servername == 'domain.com' || vhost.servername == 'domain2.com' -%]
## CUSTOM RULE BY POLURNET.COM TO BYPASS MOD_SECURITY2 FOR SPECIFIC DOMAINS
<IfModule mod_security2.c>
SecRuleEngine Off
</IfModule>
[% END -%]

After adding this, you must also remember to re-generate the template (run /usr/local/cpanel/bin/build_apache_conf) and restart Apache/httpd, otherwise changes won't take effect.

 

[sparek-3]

Just create a directory:

mkdir -p /usr/local/apache/conf/userdata/std/2/username/domain.com

Then create a file:

/usr/local/apache/conf/userdata/std/2/username/domain.com/mod_security.conf

In that file add:

<IfModule mod_security.c>
SecRuleEngine Off
</IfModule>

Save it.

Then run:

/scripts/ensure_vhost_includes --user=username

 

[ovisopa]

Any new/simple way to disable mod_security2 for just one domain .. after 2 years of this thread was started ??

I'm using cPanel 11.24.4-S35075 - WHM 11.24.2 - X 3.9
Apache2 / suPHP / mod_security2

I found a comment on a blog:

SecRule SERVER_NAME “domain.com” phase:1,nolog,allow,ctl:ruleEngine=off

this should be added to modsec2.conf ?

For now, to solve the problem one website had with a flash uploader I have removed the rule marked with red, on the bellow code

#spam bots
SecRule HTTP_User-Agent "DTS Agent"
SecRule HTTP_User-Agent "POE-Component-Client"
SecRule HTTP_User-Agent "WISEbot"
SecRule HTTP_User-Agent "^Shockwave Flash"
SecRule HTTP_User-Agent "Missigua"

10x

 

[Ryein]

Thanks that helped me with a similar issue.

 

[mikegotroot]

SecRule SERVER_NAME “domain.com” phase:1,nolog,allow,ctl:ruleEngine=off

this should be added to modsec2.conf ?

Close, make sure you anchor the end otherwise you may match on something else, and escape your "."s:

SecRule SERVER_NAME "\.example\.com$" "phase:1,nolog,noauditlog,allow,ctl:ruleEngine=Off"

https://www.atomicorp.com/wiki/index.php/Mod_security#Disabling_Mod_security_per_domain

And dont auditlog.