mod_security Blocking Form Contents
mod_security Blocking Form Contents (IE: Textboxes containing URL Links)
If a TextBox has a URL (starting with HTTP) as its contents, submitting the form triggers a FORBIDDEN error, I have tracked this down to a setting in "mod_security" which is possibly designed to prevent SQL Injection Attacks.
I need to disable this option in "mod_security", How can I do this on cPanel?
PS: I get my cPanel account through Zen Internet if this makes a difference.
-
As a website owner, you can disable all of mod security for a domain in cPanel (assuming your provider has made it available to you) in the Security > Mod Security settings. You would need to talk to your server administration to make changes to individual rules that might be interfering with your forms. 0 -
Hello, You will need to contact your hosting provider if you want a specific Mod_Security rule whitelisted for your account. You could also enable or disable Mod_Security for one or all domain names associated with your account if your hosting provider has enabled ModSecurity Domain Manager for your account: ModSecurity Domain Manager - Documentation - cPanel Documentation Thank you. 0 -
For the love of God please don't disable modsecurity for your domain entirely. It provides essential protections for you. Generally these issues can be resolved by whitelisting a rule or two. If you do not have root, your hosting provider should be experienced in resolving these issues. If their answer is disabling modsecurity for your domain, find a new host. 0
Please sign in to leave a comment.
Comments
3 comments