Mod security is an Apache module that helps to protect your website from various attacks. It is used to block commonly known exploits using regular expressions and rule sets. It blocks injection attacks which secure your server. We use mod_security1 for Apache1.x and mod_security2 for Apache2.x. In case of mod_security1, we can disable mod_security for a domain using .htaccess file.
If you need to disable mod_security for a domain in Apache1.x, then add the following in the .htaccess
SecFilterEngine Off
In Mod security2, if you wish to block it for a domain, then follow the steps below:
1. Create a folder with the domain name as instructed below:
# mkdir -p /usr/local/apache/conf/userdata/std/2/username/domain.com
2. Then create a file vhost.conf in it
# vi /usr/local/apache/conf/userdata/std/2/username/domain.com/vhost.conf
3. Add the following contents in it:
(Disable modsecurity rule completely, use below rule)
<IfModule mod_security2.c>
SecRuleEngine Off
</IfModule>
Or
(Disable specific modsecurity rule, use below rule)
<IfModule mod_security2.c>
SecRuleRemoveById give_ruleID_here
</IfModule>
save it.
4. Finally, execute the following command
# /scripts/ensure_vhost_includes --user=username
This script will uncomment the following line in Apache configuration. It will customize the virtual host to use the particular include file and will restart Apache
Include “/usr/local/apache/conf/userdata/std/2/username/domain.com/*.conf”
That’s it!!!
No comments:
Post a Comment