Wondering how to disable Mod_Security for a specific domain? We can help you.
Mod_Security is an apache module that secures the web servers from attacks.
But, misconfigured rules can even affect the overall functioning of the website.
As part of our Server Management Services, we assist our customers with several Mod_Security queries.
Today, we’ll see how our Support Engineers disable Mod_Security for a specific domain.
Disable Mod_Security rules for a specific domain?
Basically, the cPanel/WHM doesn’t provide an option to exclude mod_security rules for a domain.
Recently, we came across a customer who wishes to disable Mod_Security for his specific domain. Not a server-wide impact but only to a specific domain.
Our Support Engineers did help him solve the requirement effectively. Let us see the steps they employed in order to disable Mod_Security for his specific domain.
Disabling Mod_Security using plugin
In order to disable it, first, we install ‘ConfigServer Modsecurity Control’ plugin on the server.
One of the major advantages of using this plugin is an option to disable the rules by specifying the directory for the domain.
This is helpful since it disables Mod_Security for a specific domain rather than a server-wide change.
ConfigServer Mod_Security Control
Login to WHM >> Plugins >> ConfigServer Mod_Security Control
We can disable the rules that are blocking access to the domain using this Plugin.
The steps we follow are as follows:
- Select the user/domain in the Plugin.
- Then, click ‘Modify user whitelist’.
- Lastly, add the rules to it.
The most important step that our Support Engineers did was to check if the local IP address of the customer was blocked in the server firewall
Thus we disabled the Mod_Security rule for a specific domain.
[Need further assistance with Mod_Security rules? We are here for you]
In short, ConfigServer Modsecurity Control allows us to disable the rules that block access to a specific domain. Today, we saw how our Support Engineers disable it.