---
title: "Disable ModSecurity for a domain"
description: "In this article I'll show you how you can disable ModSecurity for a domain on your VPS (Virtual Private Server) or dedicated server. ModSecurity is used to block certain types of web requests that..."
url: https://www.inmotionhosting.com/support/domain-names/disable-modsecurity-for-a-domain/
date: 2013-02-08
modified: 2021-08-16
author: "InMotion Hosting Contributor"
categories: ["Domain Names", "Security"]
type: post
lang: en
---

# Disable ModSecurity for a domain

In this article I'll show you how you can disable ModSecurity for a domain on your VPS (Virtual Private Server) or dedicated server. ModSecurity is used to block certain types of web requests that can help prevent you from possible attacks. However certain times a legitmate request could be getting blocked by ModSecurity, so knowing how to disable it is good knowledge.

If you're on a shared server and experiencing problem with 406 errors caused by ModSecurity you can follow my guide on how to [disable ModSecurity via cPanel Modsec Manager](/support/).

In order to follow along with this guide, you'll need to have [root access](/support/server/ssh/root-access-faq/) to your VPS or dedicated server so that you can create the required ModSecurity file on the server, and modify the Apache configuration file.

## Enable ModSecurity include in httpd.conf

Following the steps below I'll walk you through how to modify your Apache **httpd.conf** configuration file so that you can include a ModSecurity rules file for the domain you'd like to disable ModSecurity for.

1. [Login to your server via SSH](/support/server/ssh/how-to-login-ssh/) as the root user.
2. Make a backup of your Apache configuration with the following command: `cp -frp /usr/local/apache/conf/httpd.conf{,-BAK}`
3. Edit your Apache **httpd.conf** file with the **vim** editor with this command: `vim /usr/local/apache/conf/httpd.conf`
4. Once in **vim** you can type in a forward slash **/** to enter search mode, you can then enter in the name of the domain you'd like to disable ModSecurity for and hit **Enter** to be dropped to that line.You should be at a **<VirtualHost** entry that looks something like this: `<VirtualHost 123.123.123.123:80> ServerName example.com ServerAlias www.example.com DocumentRoot /home/userna5/public_html ServerAdmin webmaster@example.com UseCanonicalName Off CustomLog /usr/local/apache/domlogs/example.com combined CustomLog /usr/local/apache/domlogs/example.com-bytes_log "%{%s}t %I .n%{%s}t %O ." ## User userna5 # Needed for Cpanel::ApacheConf <IfModule mod_suphp.c> suPHP_UserGroup userna5 userna5 </IfModule> <IfModule !mod_disable_suexec.c> <IfModule !mod_ruid2.c> SuexecUserGroup userna5 userna5 </IfModule> </IfModule> <IfModule mod_ruid2.c> RUidGid userna5 userna5 </IfModule> ScriptAlias /cgi-bin/ /home/userna5/public_html/cgi-bin/ # To customize this VirtualHost use an include file at the following location **# Include "/usr/local/apache/conf/userdata/std/2/userna5/example.com/*.conf"** </VirtualHost> ` You'll want to un-comment the **Include** line by removing the pound **#** symbol from the beginning of the line at the bottom. You can do this by navigating with the arrow keys till your cursor is over the **#** symbol, then just hit **Delete** on your keyboard: `**#** Include "/usr/local/apache/conf/userdata/std/2/userna5/example.com/*.conf"` So it should end up looking like this: `Include "/usr/local/apache/conf/userdata/std/2/userna5/example.com/*.conf"` Now to save the file, simply hold down **Shift** and hit **ZZ** on the keyboard, you should get this confirmation: `"/usr/local/apache/conf/httpd.conf" 785L, 30554C written`
5. Finally run the cPanel Apache configuration distiller, to ensure your includes remain after future cPanel updates: `/usr/local/cpanel/bin/apache_conf_distiller --update` After running that you should get back: ` info 'local' datastore in use (/var/cpanel/conf/apache/local) Distilled successfully`

## Create ModSecurity configuration file

Now that you've setup Apache to include a ModSecurity configuration file, you'll next want to create the appropriate directory and file that it's trying to load. Following the steps below I'll show you how to accomplish this.

1. Run the following command to create the directory where we'll be placing our ModSecurity configuration file: `mkdir -p /usr/local/apache/conf/userdata/std/2/userna5/example.com/`
2. Next use the following rule to create a ModSecurity configuration file with the **SecRuleEngine** option set to **Off** which disables ModSecurity completely for the domain: `echo "SecRuleEngine Off" > /usr/local/apache/conf/userdata/std/2/userna5/example.com/modsec.conf`
3. Finally to make the new ModSecurity configuration file active, you need to restart the Apache service gracefully with the following command: `service httpd graceful` Now that Apache has been gracefully restarted the new ModSecurity configuration settings should be getting loaded, and in this case ModSecurity is completely disabled for our **example.com** domain now.

You should now understand how to completely disable ModSecurity for a domain on your VPS or dedicated server. If you wanted to leave ModSecurity enabled, but only wanted to disable certain ModSecurity rules that are getting triggered, then you can read my guide on how to [find and disable specific ModSecurity rules](/support/security/find-and-disable-specific-modsecurity-rules/).
