How to disable ModSecurity (Web Application Firewall) in cPanel

269ac00f765508cb74b25d006dbf5bb2

Written by Dennis Nind

Last published at: February 8th, 2019

To protect your websites, we use a commercially available ruleset on our Web Application Firewall, which is called 'ModSecurity'. Mod_security is an apache module that helps to protect your website from various attacks. It is used to block commonly known exploits by use of regular expressions and rule sets and is enabled on all Brixly servers by default. 

Mod_Security can potentially block common code injection attacks which strengthens the security of the server. 

If you need to disable the mod_security rules we can show you how, and help you do so. When coding a dynamic website, sometimes users forget to write code to help prevent hacks by doing things such as validating input. 

Mod_security can help in some cases those users that run sites that don't have security checks in their code.

http://www.webapp.com/login.php?username=admin'">DROP%20TABLE%20users--

This is a simple SQL injection, where visiting this would cause the database to DROP and delete the users' table from the database. 

If you are running Mod_security on your server it will block this from running. Typically, you would see a 406 error in this case if mod_security is enabled. You set up rules for Mod_security to check http requests against and determine if a threat is present. 

Recognizing Mod_security is pretty easy. Any website that calls a string forbidden by a mod_security rule will give a 406 error instead of displaying the page. 

On our shared servers, if you would like to disable mod_security for one or all of your domains, this can be done using our Modsec manager plugin for cPanel. If you'd like to simply disable a certain rule that is being triggered instead of disabling mod_security for the entire domain, please contact our support team. If you are a VPS or Dedicated customer you can disable mod_security for the entire server as well. This can be accomplished in WHM by selecting "No Configuration" from WHM >Mod Security. Please take note, that mod_security is enabled as an extra layer of security and removing it can expose you to potential risks. (cPanel >> Home >> Security >> ModSecurity)

Overview

This interface allows you to enable or disable ModSecurity™ for your domains, and is accessible via cPanel -> ModSec

Configure All Domains

To enable or disable ModSecurity for all of your domains, click Enable or Disable.

Configure Individual Domains

To enable or disable ModSecurity for a specific domain, select On or Off.