In this article I'll show you how you can disable ModSecurity for a domain on your VPS (Virtual Private Server) or dedicated server. ModSecurity is used to block certain types of web requests that can help prevent you from possible attacks. However certain times a legitmate request could be getting blocked by ModSecurity, so knowing how to disable it is good knowledge.

If you're on a shared server and experiencing problem with 406 errors caused by ModSecurity you can follow my guide on how to disable ModSecurity via cPanel Modsec Manager.

In order to follow along with this guide, you'll need to have root access to your VPS or dedicated server so that you can create the required ModSecurity file on the server, and modify the Apache configuration file.

Enable ModSecurity include in httpd.conf

Following the steps below I'll walk you through how to modify your Apache httpd.conf configuration file so that you can include a ModSecurity rules file for the domain you'd like to disable ModSecurity for.

  1. Login to your server via SSH as the root user.
  2. Make a backup of your Apache configuration with the following command:

    cp -frp /usr/local/apache/conf/httpd.conf{,-BAK}

  3. Edit your Apache httpd.conf file with the vim editor with this command:

    vim /usr/local/apache/conf/httpd.conf

  4. Once in vim you can type in a forward slash / to enter search mode, you can then enter in the name of the domain you'd like to disable ModSecurity for and hit Enter to be dropped to that line.

    You should be at a <VirtualHost entry that looks something like this:

    <VirtualHost 123.123.123.123:80>
    ServerName example.com
    ServerAlias www.example.com
    DocumentRoot /home/userna5/public_html
    ServerAdmin webmaster@example.com
    UseCanonicalName Off
    CustomLog /usr/local/apache/domlogs/example.com combined
    CustomLog /usr/local/apache/domlogs/example.com-bytes_log "%{%s}t %I .\n%{%s}t %O ."
    ## User userna5 # Needed for Cpanel::ApacheConf
    <IfModule mod_suphp.c>
    suPHP_UserGroup userna5 userna5
    </IfModule>
    <IfModule !mod_disable_suexec.c>
    <IfModule !mod_ruid2.c>
    SuexecUserGroup userna5 userna5
    </IfModule>
    </IfModule>
    <IfModule mod_ruid2.c>
    RUidGid userna5 userna5
    </IfModule>
    ScriptAlias /cgi-bin/ /home/userna5/public_html/cgi-bin/

    # To customize this VirtualHost use an include file at the following location
    # Include "/usr/local/apache/conf/userdata/std/2/userna5/example.com/*.conf"

    </VirtualHost>

    You'll want to un-comment the Include line by removing the pound # symbol from the beginning of the line at the bottom. You can do this by navigating with the arrow keys till your cursor is over the # symbol, then just hit Delete on your keyboard:

    # Include "/usr/local/apache/conf/userdata/std/2/userna5/example.com/*.conf"

    So it should end up looking like this:

    Include "/usr/local/apache/conf/userdata/std/2/userna5/example.com/*.conf"

    Now to save the file, simply hold down Shift and hit ZZ on the keyboard, you should get this confirmation:

    "/usr/local/apache/conf/httpd.conf" 785L, 30554C written

  5. Finally run the cPanel Apache configuration distiller, to ensure your includes remain after future cPanel updates:

    /usr/local/cpanel/bin/apache_conf_distiller --update

    After running that you should get back:

    info [apache_conf_distiller] 'local' datastore in use (/var/cpanel/conf/apache/local)
    Distilled successfully

Create ModSecurity configuration file

Now that you've setup Apache to include a ModSecurity configuration file, you'll next want to create the appropriate directory and file that it's trying to load. Following the steps below I'll show you how to accomplish this.

  1. Run the following command to create the directory where we'll be placing our ModSecurity configuration file:

    mkdir -p /usr/local/apache/conf/userdata/std/2/userna5/example.com/

  2. Next use the following rule to create a ModSecurity configuration file with the SecRuleEngine option set to Off which disables ModSecurity completely for the domain:

    echo "SecRuleEngine Off" > /usr/local/apache/conf/userdata/std/2/userna5/example.com/modsec.conf

  3. Finally to make the new ModSecurity configuration file active, you need to restart the Apache service gracefully with the following command:

    service httpd graceful

    Now that Apache has been gracefully restarted the new ModSecurity configuration settings should be getting loaded, and in this case ModSecurity is completely disabled for our example.com domain now.

You should now understand how to completely disable ModSecurity for a domain on your VPS or dedicated server. If you wanted to leave ModSecurity enabled, but only wanted to disable certain ModSecurity rules that are getting triggered, then you can read my guide on how to find and disable specific ModSecurity rules.

Did you find this article helpful?

We value your feedback!

Why was this article not helpful? (Check all that apply)
The article is too difficult or too technical to follow.
There is a step or detail missing from the instructions.
The information is incorrect or out-of-date.
It does not resolve the question/problem I have.
How did you find this article?
Please tell us how we can improve this article:
Email Address
Name

new! - Enter your name and email address above and we will post your feedback in the comments on this page!

Like this Article?

Post a Comment

Name:
Email Address:
Phone Number:
Comment:
Submit

Please note: Your name and comment will be displayed, but we will not show your email address.

News / Announcements

WordPress wp-login.php brute force attack
Updated 2014-07-17 06:43 pm EST
Hits: 200888

Related Questions

Here are a few questions related to this article that our customers have asked:
Ooops! It looks like there are no questions about this page.
Would you like to ask a question about this page? If so, click the button below!
Ask a Question

Need more Help?

Search

Ask the Community!

Get help with your questions from our community of like-minded hosting users and InMotion Hosting Staff.

Current Customers

Chat: Click to Chat Now E-mail: support@InMotionHosting.com
Call: 888-321-HOST (4678) Ticket: Submit a Support Ticket

Not a Customer?

Get web hosting from a company that is here to help. Sign up today!