mod_security Blocking Form Contents

Michael Mihalyfi

Registered
Jun 19, 2016
1
0
1
Manchester, UK
cPanel Access Level
Website Owner
mod_security Blocking Form Contents (IE: Textboxes containing URL Links)

If a TextBox has a URL (starting with HTTP) as its contents, submitting the form triggers a FORBIDDEN error, I have tracked this down to a setting in "mod_security" which is possibly designed to prevent SQL Injection Attacks.

I need to disable this option in "mod_security", How can I do this on cPanel?

PS: I get my cPanel account through Zen Internet if this makes a difference.
 

rpvw

Well-Known Member
Jul 18, 2013
1,088
446
113
UK
cPanel Access Level
Root Administrator
As a website owner, you can disable all of mod security for a domain in cPanel (assuming your provider has made it available to you) in the Security > Mod Security settings.

You would need to talk to your server administration to make changes to individual rules that might be interfering with your forms.
 

cPanelMichael

Technical Support Community Manager
Staff member
Apr 11, 2011
47,911
2,233
363
cPanel Access Level
DataCenter Provider
Twitter
Hello,

You will need to contact your hosting provider if you want a specific Mod_Security rule whitelisted for your account. You could also enable or disable Mod_Security for one or all domain names associated with your account if your hosting provider has enabled ModSecurity Domain Manager for your account:

ModSecurity Domain Manager - Documentation - cPanel Documentation

Thank you.
 
  • Like
Reactions: Michael Mihalyfi

quizknows

Well-Known Member
Oct 20, 2009
1,008
86
78
cPanel Access Level
DataCenter Provider
For the love of God please don't disable modsecurity for your domain entirely. It provides essential protections for you.

Generally these issues can be resolved by whitelisting a rule or two. If you do not have root, your hosting provider should be experienced in resolving these issues.

If their answer is disabling modsecurity for your domain, find a new host.