How to disable mod_security from .htaccess?

Collapse

Unconfigured Ad Widget

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • WarnerK
    replied
    Create a .htaccess file in the root of your web directory. Then add the following:

    <IfModule mod_security.c>

    SecFilterEngine Off

    SecFilterScanPOST Off

    </IfModule>

    Leave a comment:


  • RuskinF
    replied
    It is possible to do this, but most likely your host implemented mod_security for a reason. Be sure they approve of you disabling it for your own site.
    That said, this should do it;
    <IfModule mod_security.c> SecFilterEngine Off SecFilterScanPOST Off </IfModule> I hope this helps

    Leave a comment:


  • stanliv
    replied
    I generally first setup mod_security with EasyApache and the manually recompile and install mod_security over and replacing the Cpanel installation patched instead to disallow .htaccess overrides.

    Leave a comment:


  • ChristianC123
    replied
    To Disable mod security

    <IfModule mod_security2.c>
    SecRuleEngine Off
    </IfModule>


    Regards,
    Christian
    System Admin

    Leave a comment:


  • geturweb
    replied
    By Using this Code
    <IfModule mod_security2.c>
    SecRuleEngine Off
    </IfModule> you can secure your .htacess files Hire Linux Reseller Hosting with geturweb at best and affordable prices

    Leave a comment:


  • linux7802
    replied
    Re: How to disable mod_security from .htaccess?

    Originally posted by ryan View Post
    How to disable mod_security from .htaccess?

    odSecurity is an open source embeddable web application firewall, or intrusion detection and prevention engine for web applications
    ModSecurity provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring and real-time analysis with no changes to existing infrastructure, by operating as an Apache Web server
    module mod_security or standalone, and thus increase web application security
    If you’re using Apache web server (which mostly do), mod_security can be disabled by adding a specific in .htaccess file. Locate the .htaccess file in Apache web
    root directory (public_html or /var/www/ or others), if it does not exist, create a new file named .htaccess, and add in the following code:

    SecFilterEngine Off
    SecFilterScanPOST Off

    The above entries in the .htaccess will disable the ModSecurity (mod_security) module for the domain.
    I would like to recommend every one, do not disable the mod security for whole hosting account under which you are facing the problem. You can ask your host to disable the offending mod security rule because mod security is one of the greatest security tool to secure the web content to be hacked/injected..
    Last edited by linux7802; 01-06-2012, 09:41 AM. Reason: bold character

    Leave a comment:


  • Crish Bronzs
    replied
    Re: How to disable mod_security from .htaccess?

    mod_security is used to protect our website but it might cause some problems for certain web applications, especially in file uploads. My server has mod_security enabled and I encountered WordPress upload error: HTTP error
    Last edited by admin; 08-14-2015, 09:32 AM.

    Leave a comment:


  • linux7802
    replied
    Re: How to disable mod_security from .htaccess?

    Hi,

    If your domain hosted server is using Apache version 1 than you can only disable the mod security via .htaccess file but if your domain hosted server is using Apache version 2 than you can disable the mod security by using following code in servers main httpd.conf file under your domains virtual host entry.

    <IfModule mod_security2.c>
    SecRuleEngine Off
    </IfModule>

    Leave a comment:


  • Nashflower
    replied
    Re: How to disable mod_security from .htaccess?

    It is quite common that mod_security is interfering the functions of your web applications. mod_security is installed and enabled by your web server admin but you can still disable it for your individual website using .htaccess file by following this tutorial.

    Leave a comment:


  • d2hsean
    replied
    Re: How to disable mod_security from .htaccess?

    Hi,

    Just add the following code in your .htaccess:

    <IfModule mod_security.c>
    SecFilterEngine Off
    SecFilterScanPOST Off
    </IfModule>

    Leave a comment:


  • ryan
    started a topic How to disable mod_security from .htaccess?

    How to disable mod_security from .htaccess?

    How to disable mod_security from .htaccess in Linux?

    ModSecurity is an open source embeddable web application firewall, or intrusion detection and prevention engine for web applications
    ModSecurity provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring and real-time analysis with no changes to existing infrastructure, by operating as an Apache Web server module mod_security or standalone, and thus increase web application security.
    Last edited by Marc_AccuWebHosting; 01-03-2018, 04:59 PM.
Working...
X