Delete or Uninstall ModSecurity (mod_security)

ModSecurity is a application firewallOpen source that provides protection web pages hosted on the server. Basically, ModSecurity (mod_security) Monitoring si analyzes Real-time traffic HTTP and provides protection for a series of attacks that could occur on web pages.
ModSecurity can be installed and can be found on web server either as module Apache Web Server (Mod_security) or as a standalone application.
Even if it is designed to protect web applications, ModSecurity can also create a number of problems. The most common problem of mod_security is banning access to certain web pages of users or robots indexing (gender Googlebot). can generate errors false-positive gender: 403 HTTP (Forbidden or Access Denied), 412 HTTP (preconditioned Failed), 406 HTTP (Not Acceptable) or errors sessions login / authentication web site.

ModSecurity is a good Web application firewallBut it must be configured manually according to the needs and specific website or blog that protects you. If you use a server with Apache mod_security and do not want to complicate the config, then you disable ModSecurity to a site by using File .htaccess placed in the root (the root) website. You need to add the. Htaccess following lines:

Off SecFilterEngine
Off SecFilterScanPOST

These lines placed in the root of a Web site will disable the ModSecurity (mod_security) for the whole field.

Uninstall or Delete the ModSecurity module (mod_security) from Apache.

Mod_security usually found in folder config Apache. On most web server it is located in / Usr / local / apache / config.


Before moving to manually delete application files (in our case the files that begin with "modsec2. "), You have to eliminate the lines below httpd.conf.

Security_module LoadModule modules /
Include "/usr/local/apache/conf/modsec2.conf"

After you save the changes made in the httpd.conf, restart Apache Web Server.

/etc/init.d/httpd restart

Now you can delete files that begin with "modsec2." / Usr / local / apache / config.

For servers that have installed WebHost Manager (WHM) the ModSecurity uninstallation procedure is even simpler. Go to cPanel / WHM in Addon Modules and click Uninstall on module mod_security.


Delete or Uninstall ModSecurity (mod_security)

About the author

Stealth LP

Founder and editor Stealth SettingsIn 2006 date.
Experience on Linux operating systems (especially CentOS), Mac OS X, Windows XP> Windows 10 and WordPress (CMS).

Leave a Comment