Apache2: Disable mod_security for a virtual host

How to remove the security module for a particular site.

This cannot be done in the htaccess file for modsecurity2 – youll get a sitewide 500 error and “SecRuleEngine not allowed here”.

To switch it off in the vhost:

<VirtualHost *:80>
        #...
        ServerName ...
        ServerAlias ...

        ServerAdmin ...
        DocumentRoot ...
        
        <IfModule mod_security2.c>
                SecRuleEngine Off
        </IfModule>

Leave a Reply

Your email address will not be published. Required fields are marked *