Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

how to exlude mod_security

Discussion in 'Security' started by richenou, Dec 31, 2007.

  1. richenou

    richenou Well-Known Member
    PartnerNOC

    Joined:
    Feb 17, 2004
    Messages:
    86
    Likes Received:
    0
    Trophy Points:
    156
    hi
    how to exclude a site from mod_security rules in apache 2?
    with .htaccess?

    thanks
     
  2. richenou

    richenou Well-Known Member
    PartnerNOC

    Joined:
    Feb 17, 2004
    Messages:
    86
    Likes Received:
    0
    Trophy Points:
    156
    here is the log , the site run SPIP:



    [31/Dec/2007:11:57:42 +0100]
    Pattern match "iframe\\x20" at REQUEST_LINE.

    [31/Dec/2007:11:57:42 +0100] 6dnb2cEiEcQAAC6cOa8AAAAC 82.124.31.222 60101 193.34.17.196 80
    --afd04315-B--
    GET /ecrire/?exec=iconifier&type=id_article&id_article=277&script=articles&iframe=iframe HTTP/1.1
    Accept: */*
    Referer: http://www.free-xxx.com/ecrire/?exec=articles&id_article=277
    Accept-Language: fr
    UA-CPU: x86
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; .NET CLR 3.0.04506; InfoPath.2)
    Host: www.free-xxxx.com
    Connection: Keep-Alive
    Cache-Control: no-cache
    Cookie: spip_accepte_ajax=1; __qca=1199060222-25673677-48201742; __qcb=1456048064; __utma=122799964.2024313330.1199096419.1199096419.1199098639.2; __utmb=122799964.1; __utmc=122799964.1; __utmz=122799964.1199096419.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); spip_session=1_c11fce5bcaef31a92d18a7e7332fdbf2; spip_admin=%40mattos19

    --afd04315-F--
    HTTP/1.1 406 Not Acceptable
    Content-Length: 390
    Keep-Alive: timeout=15, max=57
    Connection: Keep-Alive
    Content-Type: text/html; charset=iso-8859-1

    --afd04315-H--
    Message: Access denied with code 406 (phase 2). Pattern match "iframe\\x20" at REQUEST_LINE.
    Action: Intercepted (phase 2)
    Stopwatch: 1199098662869977 1013 (630 854 -)
    Producer: ModSecurity v2.1.4 (Apache 2.x)
    Server: Apache/2.0.61 (Unix) mod_ssl/2.0.61 OpenSSL/0.9.8b mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_jk/1.2.25 PHP/5.2.4
     
  3. richenou

    richenou Well-Known Member
    PartnerNOC

    Joined:
    Feb 17, 2004
    Messages:
    86
    Likes Received:
    0
    Trophy Points:
    156
    I added in the .htacces file:


    <IfModule mod_security.c>
    SecFilterEngine Off
    SecFilterScanPOST Off
    </IfModule>
     
  4. madan.cpanelnet

    madan.cpanelnet Well-Known Member

    Joined:
    Apr 1, 2006
    Messages:
    69
    Likes Received:
    0
    Trophy Points:
    156
    Location:
    INDIA
    Only the following should be enough in .htaccess ...........

    SecFilterEngine Off
    SecFilterScanPOST Off
     
  5. brianoz

    brianoz Well-Known Member

    Joined:
    Mar 13, 2004
    Messages:
    1,146
    Likes Received:
    6
    Trophy Points:
    168
    Location:
    Melbourne, Australia
    cPanel Access Level:
    Root Administrator
    If you use "rule numbers" in your mod_security config you can actually specify which rule numbers are not to be run on a certain directory, rather than simply turning it off completely, which could prove risky as time goes on.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  6. Bailey

    Bailey Well-Known Member

    Joined:
    Aug 12, 2001
    Messages:
    120
    Likes Received:
    1
    Trophy Points:
    318
    Location:
    Wisconsin
    brianoz, I have wondered if this was possible ... that would be perfect ... any chance you have an example of how to do that exactly? Pretty please??? :D

    :D Bailey
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice