IndianWebPortal.com

Something Different In Linux

Home » Knowledge » Disable Mod-Security only for the perticular directories or files.

Disable Mod-Security only for the particular directories or files.

If the server logs shows the error with id “ “]

[Mon Oct 12 16:11:20 2009] [error] [client 121.15.245.215] ModSecurity: Access denied with code 400 (phase 2). Pattern match “^\\w+:/” at REQUEST_URI_RAW. [file “/usr/local/apache/conf/modsec2.user.conf”] [line “26”] [id “960014“] [msg “Proxy access attempt”] [severity “CRITICAL”] [tag “PROTOCOL_VIOLATION/PROXY_ACCESS”] [hostname “www.domain.com“] [uri “/index.php“] [unique_id “StNHGF5MxosAACUwIYQAAAAD”]

You can disable mod-security by using two ways.

1) You can add following rules in .htaccess file

===============================
#For mod secuity 2

<IfModule mod_security2.c>
<LocationMatch “/index.php“>
SecRuleRemoveById 960014
</LocationMatch>
</IfModule>
===============================
#For mod secuity 1

<IfModule mod_security.c>
<Location /index.php>
SecFilterRemove 960014
</Location>
</IfModule>
===============================

or

2) You can disable it by using http.conf file.

open the httpd.conf file and search the domain.com and remove the conment from below line

# Include “/usr/local/apache/conf/userdata/username/domain.com/*.conf”
to
Include “/usr/local/apache/conf/userdata/username/domain.com/*.conf”

then create the directory

mkdir -p /usr/local/apache/conf/userdata/username/domain.com/

vi /usr/local/apache/conf/userdata/username/domain.com/allow.conf

and the mod-security rule.

===============================
#For mod secuity 2

<IfModule mod_security2.c>
<LocationMatch “/index.php“>
SecRuleRemoveById 960014
</LocationMatch>
</IfModule>
===============================
#For mod secuity 1

<IfModule mod_security.c>
<Location /index.php>
SecFilterRemove 960014
</Location>
</IfModule>
===============================

If the server does not shows the ID

Mon Nov 23 18:45:39 2009] [error] [client 91.84.93.229] ModSecurity: Access denied with code 406 (phase 2). Pattern match “^Shockwave Flash” at REQUEST_HEADERS:User-Agent. [file “/usr/local/apache/conf/modrules2/useragents.conf”] [line “169”] [hostname “www.domain.com”] [uri “/gifs/paypal.gif”] [unique_id “SwrYU9WvwhAAAFNbNscAAACS”]

then

1) You can add following rules in .htaccess file

<IfModule mod_security.c>
<Files gifs/paypal.gif>
SecFilterInheritance Off
</Files>
</IfModule>

Done

Note : Replace the domain.com equal to orginal domain name, “/index.php equal to exact file path which is mention the error and ” 960014″ equal to the original id which is in the error.

One Response so far.

  1. zx81 says:

    LocationMatch directive CANNOT be used in .htaccess


Popular Posts

remove index.php fro

How to remove index.php from url in magento Ans : If you ...

PHP-Java bridge on p

  What is php-java bridge? The php-java bridge is the php ...

Set expiration for y

If you want to set the expiration to your site ...

Warning: Parameter 1

Error: Warning: Parameter 1 to modMainMenuHelper::buildXML() expected to be a ...

domain pointing to e

If you domain uses external MX record and it is ...