Skip to main content

Disable Mod Security for one domain

sahostking
Hi, I've been trying to assist a client who has been getting error 406 Not acceptable. It seems when disabling Mod security on his local machine it works fine but on our live server he gets this message. I tried the following: Created a directory: mkdir -p /usr/local/apache/conf/userdata/std/2/username/domain.com Then created a file: touch /usr/local/apache/conf/userdata/std/2/username/domain.com/mod_security.conf In that file I added: SecRuleEngine Off I then ran: /scripts/verify_vhost_includes /scripts/ensure_vhost_includes --user=username /scripts/rebuildhttpdconf /etc/init.d/httpd restart To disable mod security for his domain but with no luck. Not sure why. Using Apache 2.4.9 with PHP5.4 Cloudlinux, CageFS ModSecurity2 with Atomic ruleset Any ideas? Obviously cannot turn it off to please 1 client as we host 1000s of sites. But we like to treat each client as our only one :)

Comments

9 comments

Date Votes
  • vanessa
    Can you make sure the include is set up in the user's vhost? The later commands you run should have done this, and your usage of the include is indeed correct. So perhaps the include just isn't, you know, included. In the user's vhost block, you should see something like this: Include "/usr/local/apache/conf/userdata/std/2/$user/*.conf"
    Also, just checking, but how are you concluding the modsec is NOT disabled? Are you getting errors, log hits, etc?
    0
  • Infopro
    Using this cPanel addon: [url=http://applications.cpanel.net/appcat/configserver-modsecurity-control]ConfigServer ModSecurity Control - cPanel Application Catalog Makes turning off a single rule, to a single website, easy.
    0
  • sahostking
    yes shows in logs and website still gives a 406 error. We also always had that addon installed and doesnt help.
    0
  • cPanelMichael
    [quote="sahostking, post: 1626812">yes shows in logs and website still gives a 406 error. We also always had that addon installed and doesnt help.
    Could you elaborate on how it does not help? For instance, have you tried disabling Mod_Security through that addon's native options? Also, what is the exact 406 error message you receive? Thanks.
    0
  • sahostking
    It does not disable. We still see errors about Mod Security. Yes we have tried disabling it with the options of Config Modsec Control aswell as doing the include trick in httpd.conf which also does nothing. We also now reran upcp --force with same result. Very strange --98802e25-B-- POST /admin/structure/views/view/display_products/preview/page/ajax HTTP/1.1 Host: domain Connection: keep-alive Content-Length: 12179 Cache-Control: max-age=0 Accept: application/json, text/javascript, */*; q=0.01 Origin: http://domain X-Requested-With: XMLHttpRequest User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1847.116 Safari/537.36 Content-Type: application/x-www-form-urlencoded Referer: http://domain/admin/structure/views/..._products/edit Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8,es;q=0.6 Cookie: SESS81fa2355b02c295c877cc89c84c9ea08=_QfHj0iPNidELLR3YgsIuDvHItYI_kZF94BDYLiKW6gR9KYDGNzpd7L5HSZ3cef4SNX_PD0s8IUboFCR1iBl2w..; Drupal.toolbar.collapsed=0; has_js=1 --98802e25-F-- HTTP/1.1 406 Not Acceptable Vary: User-Agent Content-Length: 0 Keep-Alive: timeout=2, max=86 Connection: Keep-Alive Content-Type: text/html --98802e25-H-- Stopwatch: 1398426829207293 1109584 (- - -) Stopwatch2: 1398426829207293 1109584; combined=16, p1=0, p2=0, p3=0, p4=0, p5=15, sr=0, sw=1, l=0, gc=0 Producer: ModSecurity for Apache/2.7.7 (ModSecurity: Open Source Web Application Firewall). Server: Apache
    0
  • sahostking
    After tons of troubleshooting and trying different methods, we tried something simple. Wait for it........ Remove the customer out of CageFS as we use Cloudlinux. Amazingly it worked. :) Finally. Yippeee
    0
  • cPanelMichael
    I am happy to see you were able to resolve the issue. Thank you for updating us with the outcome.
    0
  • vanessa
    [quote="sahostking, post: 1629472">After tons of troubleshooting and trying different methods, we tried something simple. Wait for it........ Remove the customer out of CageFS as we use Cloudlinux. Amazingly it worked. :) Finally. Yippeee
    You may want to report this to CL as a bug. I don't see why CageFS has any valid reason to interfere with Apache configs in this fashion.
    0
  • cPanelMichael
    [QUOTE]Remove the customer out of CageFS as we use Cloudlinux.
    I noticed a thread was opened for the issue here: [url=http://cloudlinux.com/solutions/forum/forum11/topic741/]CageFS and ModSecurity 406 Error Feel free to submit a ticket directly to Cloud Linux through their help desk if you would like additional assistance. Thank you.
    0

Please sign in to leave a comment.

Didn't find what you were looking for?

New post