Here is a quick guide to mod_security and how to disable it for a single domain.
mod_security has two versions, and the rules for each are different. Before adding a rule, be sure which version is installed.
The mod_security version can be found by checking the location
/usr/local/apache/conf/mod*
where
mod_security.c = mod_security version 1
mod_security2.c = mod_security version 2
Let us look at the various ways to disable mod_security.
Remember to create a file at
/usr/local/apache/conf/userdata/std/1/username/websitename/allow.conf
for mod_security 1
and
/usr/local/apache/conf/userdata/std/2/username/websitename/allow.conf
for mod_security 2
Include the above file path in the VirtualHost entry of the domain
Include "/usr/local/apache/conf/userdata/std/1/username/websitename/*.conf"
To disable mod_security 1 for the complete domain
<IfModule mod_security.c>
SecFilterEngine Off
SecFilterScanPOST Off
</IfModule>
To disable mod_security 2 for the complete domain
<IfModule mod_security2.c>
SecRuleEngine Off
</IfModule>
To exclude a single mod_security 1 rule for a specific link
If the Apache error log shows
[Mon Oct 12 16:11:20 2009] [error] [client 121.15.245.215] ModSecurity: Access denied with code 400 (phase 2). Pattern match "^\\w+:/" at REQUEST_URI_RAW. [file "/usr/local/apache/conf/modsec.user.conf"] [line "26"] [id "960014"] [msg "Proxy access attempt"] [severity "CRITICAL"] [tag "PROTOCOL_VIOLATION/PROXY_ACCESS"] [hostname "www.domain.com"] [uri "/index.php"] [unique_id "StNHGF5MxosAACUwIYQAAAAD"]
then remove the rule by the id shown in the log entry:
<IfModule mod_security.c>
<Location "/index.php">
SecFilterRemove 960014
</Location>
</IfModule>
To exclude a single mod_security 2 rule for a specific link
<IfModule mod_security2.c>
<LocationMatch "/index.php">
SecRuleRemoveById 960014
</LocationMatch>
</IfModule>
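As an added example (not part of the original guide): the Python sketch below reads denial lines like the one quoted above, pulls out the [id], [uri] and [hostname] fields, and builds a per-URI SecRuleRemoveById block for mod_security 2. It goes slightly beyond the guide by escaping and anchoring the LocationMatch pattern; the sample log lines, the ids 999001 and 999002, the 203.0.113.x addresses and other.example are constructed.

```python
import re

# ModSecurity writes metadata as [name "value"] pairs in the Apache error log.
FIELD = re.compile(r'\[(id|uri|hostname) "([^"]*)"\]')
# Only plain paths become Location patterns; the URI is client-controlled.
SAFE_URI = re.compile(r"/[\w./-]*")

def parse_denials(lines):
    """Yield (hostname, uri, rule_id) for each ModSecurity denial line."""
    for line in lines:
        if "ModSecurity: Access denied" not in line:
            continue
        f = dict(FIELD.findall(line))
        if not {"id", "uri", "hostname"} <= f.keys():
            continue
        if f["id"].isdigit() and SAFE_URI.fullmatch(f["uri"]):
            yield f["hostname"], f["uri"], f["id"]

def exclusions_for(lines, hostname):
    """Build mod_security 2 per-URI rule exclusions for one virtual host."""
    by_uri = {}
    for host, uri, rule_id in parse_denials(lines):
        if host == hostname:
            by_uri.setdefault(uri, set()).add(rule_id)
    out = ["<IfModule mod_security2.c>"]
    for uri in sorted(by_uri):
        # Escape and anchor the path so the regex matches this URI only.
        out.append('<LocationMatch "^%s$">' % re.escape(uri))
        out += ["SecRuleRemoveById %s" % r for r in sorted(by_uri[uri], key=int)]
        out.append("</LocationMatch>")
    out.append("</IfModule>")
    return "\n".join(out)

# Constructed sample lines in the format of the log entry quoted above.
SAMPLE_LOG = [
    '[error] [client 203.0.113.5] ModSecurity: Access denied with code 400 '
    '(phase 2). [id "960014"] [hostname "www.domain.com"] [uri "/index.php"]',
    '[error] [client 203.0.113.5] ModSecurity: Access denied with code 400 '
    '(phase 2). [id "960014"] [hostname "www.domain.com"] [uri "/index.php"]',
    '[error] [client 203.0.113.9] ModSecurity: Access denied with code 403 '
    '(phase 2). [id "999001"] [hostname "other.example"] [uri "/admin.php"]',
    '[error] [client 203.0.113.9] ModSecurity: Access denied with code 403 '
    '(phase 2). [id "999002"] [hostname "www.domain.com"] [uri "/(.*)"]',
    '[error] [client 203.0.113.7] File does not exist: /home/user/favicon.ico',
]

if __name__ == "__main__":
    print(exclusions_for(SAMPLE_LOG, "www.domain.com"))
```

Repeated denials collapse into one directive, other hosts are ignored, and a URI containing regex metacharacters is skipped rather than written into the configuration.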
To disable mod_security 1 completely for a specific link or a complete folder
<LocationMatch /admin.php>
<IfModule mod_security.c>
SecFilterEngine Off
</IfModule>
</LocationMatch>
<LocationMatch /wp-admin/>
<IfModule mod_security.c>
SecFilterEngine Off
</IfModule>
</LocationMatch>
To disable mod_security 2 completely for a specific link or a complete folder
<LocationMatch /admin.php>
<IfModule mod_security2.c>
SecRuleEngine Off
</IfModule>
</LocationMatch>
<LocationMatch /wp-admin/>
<IfModule mod_security2.c>
SecRuleEngine Off
</IfModule>
</LocationMatch>
Feedback and queries are always welcome!







