ABHIONLINUX
Site useful for linux administration and web hosting

2009/09/24

How to disabe Mod_Security2 for a domain

SecFilterEngine Off cannot be used in .htaccess, for Mod_Security 2 instead SecRuleEngine should be used.

If you get an error in apache error logs that this entry cannot be used here, use the following method instead.

Open either modsec2.conf or the modsec2/whitelist.conf in /etc/httpd/conf/ directory and put the following entry

SecRule SERVER_NAME "Domain_name" phase:1,nolog,allow,ctl:ruleEngine=off

No comments:

Post a Comment