Difference between revisions of "How to disable mod security per vhost"
From Brian Nelson Ramblings
(Created page with "==How to disable mod_security per vhost== ModSecurity is an open source intrusion detection and prevention engine for web applications. It operates embedded into the web serv...") |
(No difference)
|
Latest revision as of 15:12, 6 June 2015
Contents
How to disable mod_security per vhost
ModSecurity is an open source intrusion detection and prevention engine for web applications. It operates embedded into the web server, acting as a powerful umbrella - shielding web applications from attacks.
Disable mod_security version 2
You will want to add the following to the vhost file to disable mod_security2
<IfModule mod_security2.c> SecRuleEngine Off </IfModule>
Disable mod_security version 1
You will want to add the following to the vhost file to disable mod_security
<IfModule mod_security.c> SecFilterEngine Off SecFilterScanPOST Off </IfModule>
Disable mod_security for a specific directory
Sometimes you only want to disable mod_security for a specific directory
Add the following to disable the wp-admin folder for wordpress
<IfModule mod_security2.c> <LocationMatch /wp-admin/> SecRuleEngine Off </LocationMatch> </IfModule>