Disable modsec2 on a per-domain basis

Kirsle (Programmer) (OP)
20 Feb 08 8:14
I have a site hosted on a shared server with a web hosting company I work at. It's a CPanel/WHM-managed server with Apache/2.2.8 (Unix) mod_ssl/2.2.8 OpenSSL/0.9.7a mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.2.5

I need mod_security to be disabled just for my domain names, because I have a page named "about" and this always turns up a 406 Not Accepted error page, because the word "about" trips mod_security's rules.

I did some Google searches on how to do this and found the following things that could be added to .htaccess:

CODE

SecFilterEngine Off
SecFilterScanPOST Off

This gets a 500 Internal Error with:

CODE

[Wed Feb 20 08:11:06 2008] [alert] [client 69.16.222.179] /home/cuvou/public_html/.htaccess: Invalid command 'SecFilterEngine', perhaps misspelled or defined by a module not included in the server configuration

I found this one that's allegedly for modsec2:

CODE

SecRuleEngine Off

That gets

CODE

[Wed Feb 20 08:13:15 2008] [alert] [client 69.16.222.179] /home/cuvou/public_html/.htaccess: SecRuleEngine not allowed here

The only way I could find to disable it for my domain is to manually edit the whitelist file at /usr/local/apache/conf/modsec2/whitelist.conf. It seems like there should be a better way to do it.

-------------
Cuvou.com | My personal homepage
Project Fearless | My web blog

Kirsle (Programmer) (OP)
5 Apr 08 16:14
I got an e-mail asking how I did this, so here's what I had to do:

Edit /usr/local/apache/conf/modsec2/whitelist.conf and add these lines:

CODE

SecRule SERVER_NAME "cuvou.com" phase:1,nolog,allow,ctl:ruleEngine=off
SecRule SERVER_NAME "cuvou.net" phase:1,nolog,allow,ctl:ruleEngine=off
SecRule SERVER_NAME "cuvou.org" phase:1,nolog,allow,ctl:ruleEngine=off
SecRule SERVER_NAME "kirsle.net" phase:1,nolog,allow,ctl:ruleEngine=off

etc. for each domain. Luckily my server had other whitelisted domains so I just had to copy the syntax for each of my domains.

-------------
Cuvou.com | My personal homepage
Project Fearless | My web blog
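Added example, not part of the original thread: a small audit of whitelist rules in the syntax shown above. ModSecurity treats a SecRule pattern with no `@operator` as an unanchored regular expression, so `"cuvou.com"` also matches any SERVER_NAME that merely contains that string. The anchored rule, the probe hostnames and the function names are constructed for illustration, and Python's `re` stands in for PCRE.

```python
import re

# Constructed sample: the first rule uses the syntax from the post; the
# second is a hypothetical anchored, dot-escaped variant for comparison.
SAMPLE_CONF = r'''
SecRule SERVER_NAME "cuvou.com" phase:1,nolog,allow,ctl:ruleEngine=off
SecRule SERVER_NAME "^kirsle\.net$" phase:1,nolog,allow,ctl:ruleEngine=off
'''

RULE_RE = re.compile(r'^\s*SecRule\s+SERVER_NAME\s+"([^"]*)"\s+(\S+)', re.I)

def parse_engine_off_rules(conf_text):
    """Return the patterns of SERVER_NAME rules that switch the engine off."""
    patterns = []
    for line in conf_text.splitlines():
        m = RULE_RE.match(line)
        if m and "ctl:ruleengine=off" in m.group(2).lower():
            patterns.append(m.group(1))
    return patterns

def audit_pattern(pattern, probes):
    """Report whether a pattern is anchored and which probe hosts it matches.
    Patterns starting with an explicit @operator are not regexes and are
    reported without evaluation."""
    if pattern.startswith("@"):
        return {"pattern": pattern, "anchored": None, "matches": []}
    anchored = pattern.startswith("^") and pattern.endswith("$")
    rx = re.compile(pattern)
    return {"pattern": pattern, "anchored": anchored,
            "matches": [h for h in probes if rx.search(h)]}

def audit(conf_text, probes):
    """Audit every engine-off whitelist rule in the given config text."""
    return [audit_pattern(p, probes) for p in parse_engine_off_rules(conf_text)]

# Constructed hostnames: the intended names plus names that only contain them.
PROBES = [
    "cuvou.com", "www.cuvou.com", "cuvouXcom.example",
    "cuvou.com.example.org", "kirsle.net", "www.kirsle.net",
]

if __name__ == "__main__":
    for result in audit(SAMPLE_CONF, PROBES):
        print(result)
```

On a shared server, the unanchored form exempts every virtual host whose name matches, not only the listed domain; anchoring and escaping the dots limits the exemption to the exact name.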
