5

Is there a way to dis-able mod-security for all websites? except one? i have more than 500 websites hosted, only want to turn it on for one website, which is having attacks on it.

Farhan
  • 4,210
  • 9
  • 47
  • 76

1 Answers1

10

Well I suppose it is possible if you enable the configuration for mod security either in .htaccess or in the virtual host apache configuration for that particular domain using something like this : 

<IfModule mod_security2.c>
    SecRuleEngine On
    ...... (any other directives you might want to override from the defaul conf)
</IfModule>

Also in /etc/httpd/conf.d/mod_security.conf, or wherever the defaul config is stored, set SecRuleEngine Off but leave the other directives in place.

thanosk
  • 950
  • 7
  • 16
  • care to point out where I was wrong and why the answer was not useful? Just so that I know where I got it wrong. I usually do the exact opposite because I might need to temporarily disable mod_security on a particular website while I figure the problem while having it enabled on all other websites – thanosk Mar 13 '13 at 08:36
  • I also don't see where this answer is wrong, and would be very interested to know. – Jenny D Mar 13 '13 at 08:42
  • 2
    Giving error: "/httpdocs/.htaccess: SecRuleEngine not allowed here" Also, for latest mod-security, it is mod_security2.c and its not SecFilterEngine but SecRuleEngine. – Farhan Mar 13 '13 at 09:25
  • You are actually quite correct on both points. Kick me on the head for checking an old test server for the actual configuration and doing a copy paste without thinking much. Sorry about that and leason learned. Now going back to the original question: if .htaccess is not allowed for whatever reason can you move the mod_security configuration the the virtual host apache configuration ? I mean completely remove modsec config from httpd.conf and move anything you might need to the virtual host. – thanosk Mar 13 '13 at 09:39
  • yes, moved the this configuraton portion to vhost configuration file, and its working now. Thanks – Farhan Mar 13 '13 at 09:50
  • no problems and sorry for messing up the original answer. answering too quickly and thinking too little really. – thanosk Mar 13 '13 at 09:52