How to Disable a Specific Rule for Mod security on a Single Domain Print

  • 0

This article pertains specifically to Dedicated Servers and Virtual Servers. The apache configuration file and the associated Include file are not accessible to shared hosting customers. If you are encountering a 406 error on your site and you own a shared hosting account, Acenet staff will need to perform these steps. If you are the administrator of a Virtual or Dedicated server, you can follow this article to disable a specific mod_security rule for one of your domains.

This guide assumes Apache 2.x is running on your server. 

[1] Open the Apache config file via SSH with your favorite text editor:

/usr/local/apache/conf/httpd.conf

[2] Locate the VirtualHost entry for the domain you wish to disable the mod_security rule on.

[3] Near the end of the the user's VirtualHost entry, you'll see something like:

# To customize this VirtualHost use an include file at the following location
Include "/usr/local/apache/conf/userdata/std/2/<USERNAME>/<DOMAIN>/*.conf"

Note the path that is listed there. If you don't see this line near the end of the VirtualHost entry, create it. As long as it's created in the same format noted above, it will persist between Apache config rebuilds. Note that the domain <DOMAIN> must match the domain present within that VirtualHost entry and <USERNAME> must match the username.

[4] Create the *.conf file and any necessary folders in the path noted in step 3.

[5] Open the *.conf and add in these directives:

<IfModule mod_security2.c>
 SecRuleRemoveById ######
</IfModule>

Replace ###### with the actual Rule number

This will disable a specific mod_security rule and allow our modifications to persist between httpd.conf rebuilds.

[6] Restart Apache

service httpd graceful

You should now be able to visit the domain for which you disabled this rule without a 406 error being thrown.


Was this answer helpful?

« Back