How to disable mod_security for a particular domain

ARUN Post in MOD_SECURITY, PHP
0

In order to disable mod_security add the following code into the .htaccess file
<IfModule mod_security.c>
# Turn off mod_security filtering.
SecFilterEngine Off

# The below probably isn’t needed, but better safe than sorry.
SecFilterScanPOST Off
</IfModule>

/// If it is apache 2 then mod_security will be version2 so in that case use
SecRuleEngine Instead of SecFilterEngine

ie :

=========================================

<IfModule mod_security.c>
# Turn off mod_security filtering.
SecRuleEngine Off
SecFilterScanPOST Off
</IfModule>
====================================

DISABLE MOD_SECURITY on a single domain on mod_security2

vi /usr/local/apache/conf/httpd.conf

Search the virtual hosting such as mickgenie.com, uncommented(remove) the # from line as below.
Include “/usr/local/apache/conf/userdata/std/2/USERNAME/domain.com/*.conf

mkdir -p /usr/local/apache/conf/userdata/std/2/USERNAME/domain.com/

cd /usr/local/apache/conf/userdata/std/2/USERNAME/domain.com/

Then you will need to create a file named bypass_modsec.conf and insert the command as below.

================

<IfModule mod_security2.c>
SecRuleEngine Off
</IfModule>

 

=====================

OR

vi /usr/local/apache/conf/httpd.conf

Before the Virtual host entry for the domain ends, add the below code :

=============

<IfModule mod_security2.c>
SecRuleEngine Off
</IfModule>

=============

Save it and restart the Apache.

« Prev: :Next »

Leave a Reply

You must be logged in to post a comment.