Disable Mod_Security on Directadmin server

If you decided to use Modsecurity on your server with DirectAdmin, there is sometimes a need to disable mod_security on server.

Default custombuild installation, mod_security rules installed in:


Apache load’s ModSecurity modules and configuration in:


Disable mod_security

Easiest way disable Modsecurity is disable apache to load ModSecurity module in https-modsecurity.conf file. Just add #comment’s to begin LoadModule directive:


LoadFile /usr/local/lib/libxml2.so
#LoadModule security2_module /usr/lib/apache/mod_security2.so
<ifmodule mod_security2.c>
    # Default recommended configuration
    SecRuleEngine On
    SecRequestBodyAccess On


Another method if you wanna keep ModSecurity module loaded to apache is change SecRuleEngine to Off

SecRuleEngine Off

Final words

Read more about Malware Expert – ModSecurity rules and protect your web server vulnerabilities with Web Application Firewall.