The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

How to exclude a domain of mod_security ?

Discussion in 'Security' started by capoinfra, Mar 3, 2010.

  1. capoinfra

    capoinfra Well-Known Member

    Joined:
    Oct 25, 2007
    Messages:
    119
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Uruguay
    Hello,

    In RHEL/cPanel 11.x server i have a WordPress that is causing 404 error when I try to publish a log post.

    I know is mod_security that is causing this problem.

    I tried with different codes in the .htaccess file but doesn't works or show "error 500" in the web.

    Temporally I set "SecRule Off" in global configuration but it's not secure.

    My intention is exclude the domain from mod_security protection.

    Any suggestion please?

    Thanks.-
     
  2. thewebhosting

    thewebhosting Well-Known Member

    Joined:
    May 9, 2008
    Messages:
    1,201
    Likes Received:
    1
    Trophy Points:
    38
    Kindly check the apache error logs for the exact error message. You can get the logs by login to your SSH at /usr/local/apache/logs/error_log. Also which version of mod_security are you using?
     
  3. capoinfra

    capoinfra Well-Known Member

    Joined:
    Oct 25, 2007
    Messages:
    119
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Uruguay
    Is the 2.5.6 version.

    The error_log was about SecFilterEngine...

    I tried to disable it with different codes in .htaccess but doesn't works.

    The problem is that mod_security block the post when it's long and "404 not found" is the result.

    Thank you.-
     
  4. capoinfra

    capoinfra Well-Known Member

    Joined:
    Oct 25, 2007
    Messages:
    119
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Uruguay
  5. thewebhosting

    thewebhosting Well-Known Member

    Joined:
    May 9, 2008
    Messages:
    1,201
    Likes Received:
    1
    Trophy Points:
    38
    You cannot by pass the mod security rules from .htaccess in modsecurity2. You will have to require to create global whitelist configuration file to bypass certain rules based on the action.
     
  6. Spiral

    Spiral BANNED

    Joined:
    Jun 24, 2005
    Messages:
    2,023
    Likes Received:
    7
    Trophy Points:
    0
    I am a little confused because on one hand you talk about globally removing just the rule as being insecure and then go on to talk about completely excluding the domain from mod_security entirely which seems to be completely counterproductive to your own statements.

    I would recommend rewriting the specific rule better so it doesn't cause false triggers for that specific item.

    Short of that, make an exclusion for that rule just for that domain only.

    Blindly turning off mod_security is something like taking a sledge hammer to kill a fly! :D
     
  7. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,460
    Likes Received:
    195
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
Loading...

Share This Page