How do I disable mod_security?

March 24, 2013     0 comments

Mod_security helps protect you against various Perl, PHP and Ruby exploits but it can have false positives depending on the URL the user is visiting.  If you're receiving a 403 forbidden on a page it is most likely mod_security.  You can disable mod_security by adding the following to your .htaccess file:

SecFilterEngine Off
SecFilterScanPOST Off

Once disabled make sure to keep your scripts up to date as there is no prevention system if there was ever to be an exploit for the script.

UPDATE: It seems that Mod Security 2.5+ doesn't let you use the htaccess file to disable it If you need to disable it for a file or directory, please open a support ticket. We will only disable it for a file or directory.

How helpful was this article to you?

FraudLabs Pro Secured Seal