Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

How to disable mod_security2 rule for one domain?

Discussion in 'Security' started by Kh@lid, Nov 17, 2007.

  1. Kh@lid

    Kh@lid Member

    Joined:
    Apr 29, 2003
    Messages:
    20
    Likes Received:
    0
    Trophy Points:
    151
    Hello,

    I'm getting this error message:
    Code:
    Not Acceptable
    
    An appropriate representation of the requested resource /admin/index.php could not be found on this server.
    And I've been told that I have to add this in .htaccess:
    Code:
    <IfModule mod_security.c>
       SecFilterEngine Off
       SecFilterScanPOST Off
    </IfModule>
    
    Which is impossible now.

    I've tried to add it in httpd.conf but didn't solve the problem.

    How can I solve this? OR Disable mod_sec on one domain?
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  2. bidhata

    bidhata Member

    Joined:
    Mar 26, 2004
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    151
    Location:
    India
    Code:
    <IfModule mod_security.c>
    SecRuleEngine Off
    </IfModule>
    
    this will work ...
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. vittle

    vittle Member

    Joined:
    Apr 18, 2004
    Messages:
    10
    Likes Received:
    0
    Trophy Points:
    151
    This does not seem to work after a while. Instead, we used this method to disable it for specific domains:

    The only way to bypass mod_security2 in Apache 2 is to manually edit httpd.conf. However, as cPanel autogenerates this, one must directly edit the httpd template files that cPanel uses to generate the httpd.conf. Namely, in /var/cpanel/templates/apache2/vhost.default

    Add the following line before the </VirtualHost> closing tag


    Code:
    [% IF vhost.servername == 'domain.com' || vhost.servername == 'domain2.com' -%]
    ## CUSTOM RULE BY POLURNET.COM TO BYPASS MOD_SECURITY2 FOR SPECIFIC DOMAINS
    <IfModule mod_security2.c>
    SecRuleEngine Off
    </IfModule>
    [% END -%]

    After adding this, you must also remember to re-generate the template (run /usr/local/cpanel/bin/build_apache_conf) and restart Apache/httpd, otherwise changes won't take effect.
     
  4. sparek-3

    sparek-3 Well-Known Member

    Joined:
    Aug 10, 2002
    Messages:
    1,720
    Likes Received:
    98
    Trophy Points:
    328
    cPanel Access Level:
    Root Administrator
    Just create a directory:

    mkdir -p /usr/local/apache/conf/userdata/std/2/username/domain.com

    Then create a file:

    /usr/local/apache/conf/userdata/std/2/username/domain.com/mod_security.conf

    In that file add:

    <IfModule mod_security.c>
    SecRuleEngine Off
    </IfModule>


    Save it.

    Then run:

    /scripts/ensure_vhost_includes --user=username
     
  5. ovisopa

    ovisopa Member

    Joined:
    Apr 12, 2007
    Messages:
    18
    Likes Received:
    0
    Trophy Points:
    151
    Any new/simple way to disable mod_security2 for just one domain .. after 2 years of this thread was started ??

    I'm using cPanel 11.24.4-S35075 - WHM 11.24.2 - X 3.9
    Apache2 / suPHP / mod_security2

    I found a comment on a blog:

    SecRule SERVER_NAME “domain.com” phase:1,nolog,allow,ctl:ruleEngine=off

    this should be added to modsec2.conf ?

    For now, to solve the problem one website had with a flash uploader I have removed the rule marked with red, on the bellow code

    #spam bots
    SecRule HTTP_User-Agent "DTS Agent"
    SecRule HTTP_User-Agent "POE-Component-Client"
    SecRule HTTP_User-Agent "WISEbot"
    SecRule HTTP_User-Agent "^Shockwave Flash"
    SecRule HTTP_User-Agent "Missigua"


    10x
     
  6. Ryein

    Ryein Registered

    Joined:
    Jan 28, 2011
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    51
    Thanks that helped me with a similar issue.
     
  7. mikegotroot

    mikegotroot Well-Known Member

    Joined:
    Apr 29, 2008
    Messages:
    85
    Likes Received:
    1
    Trophy Points:
    58
    Close, make sure you anchor the end otherwise you may match on something else, and escape your "."s:

    SecRule SERVER_NAME "\.example\.com$" "phase:1,nolog,noauditlog,allow,ctl:ruleEngine=Off"

    https://www.atomicorp.com/wiki/index.php/Mod_security#Disabling_Mod_security_per_domain

    And dont auditlog.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice