How to disable mod security per vhost
From Brian Nelson Ramblings
Contents
How to disable mod_security per vhost
ModSecurity is an open source intrusion detection and prevention engine for web applications. It operates embedded into the web server, acting as a powerful umbrella - shielding web applications from attacks.
Disable mod_security version 2
You will want to add the following to the vhost file to disable mod_security2
<IfModule mod_security2.c> SecRuleEngine Off </IfModule>
Disable mod_security version 1
You will want to add the following to the vhost file to disable mod_security
<IfModule mod_security.c> SecFilterEngine Off SecFilterScanPOST Off </IfModule>
Disable mod_security for a specific directory
Sometimes you only want to disable mod_security for a specific directory
Add the following to disable the wp-admin folder for wordpress
<IfModule mod_security2.c> <LocationMatch /wp-admin/> SecRuleEngine Off </LocationMatch> </IfModule>