What is Mod_security and how to disable it?

Mod_security is a web application firewall that protects your website against various threats. It prevents the common exploits with regular expressions and mentioned rule set on it. Mod_Security strengthens the server security by blocking the common code injection attack. In this article, we will let you know how to disable the mod security manually.

Mod_security is helpful for those websites that don't have validating input or security checks. Such a website can receive an SQL injection with an HTTP request that can drop and delete a database table. Mod_security can block this kind of SQL injection to run on your server. If Mod_security is there on the server, it will give a message with a 403 error. Mod_security allows setting a rule that can prevent such type of HTTP request.

If you are running a Wordpress website with Mod_security enabled on the server, you may receive the 403 forbidden error while updating any post. It is because Mod_security recognizes it as code injection. Whenever you are updating any post on Wordpress, you can temporarily disable Mod_security on your cPanel. Please refer to How to disable Mod_security on cPanel? If you have a Dedicated Server or VPS Hosting, you can manage specific rules at your end, or you can disable the Mod_securiry from your server. However, disabling Mod_security is not a recommended option as it offers an extra layer of security on your server. 

How to Disable Mod_security on WHM?

  1. Log in to your WHM Panel.

  2. Inside the security center, click on Modsecurity Configuration. 

  3. You can disable the option as mentioned in the below screen capture, and it should disable all the rules for Mod_security.

How to Disable Mod_security Manually for a Single Domain using SSH?

You may require to disable the Mod_security for a single domain because some applications may not work properly with Mod_security. You can refer to the below steps to disable it. You should follow these steps only if you know the Linux command line or contact our support team.  Demovpstest.com is our domain here. You have to change it to your domain name.

  1. Log in to your server using SSH.

  2. Open your apache httpd.conf file located at /usr/local/apache/conf/httpd.conf and find the below virtual host entry for your domain. It could look like as below and uncomment the same line. 

    Include "/etc/apache2/conf.d/userdata/std/2_4/demovpstest/demovpstest.com/*.conf"
  3. Copy the above line and create a directory as per the below command. 

    mkdir -p /etc/apache2/conf.d/userdata/std/2_4/demovpstest/demovpstest.com
  4. Now, add the below rule to turn off the mod_security. 

    echo “SecRuleEngine Off” > /etc/apache2/conf.d/userdata/std/2_4/demovpstest/demovpstest.com/modsec.conf
  5. Restart the Apache service with the below command. 

    systemctl httpd restart

Was this answer helpful?

« Back