Disable Mod_Security on Directadmin server

If you decided to use Modsecurity on your server with DirectAdmin, there is sometimes a need to disable mod_security on server.

Default custombuild installation, mod_security rules installed in:

/etc/modsecurity.d/

Apache load’s ModSecurity modules and configuration in:

/etc/httpd/conf/extra/httpd-modsecurity.conf

Disable mod_security

Easiest way disable Modsecurity is disable apache to load ModSecurity module in https-modsecurity.conf file. Just add #comment’s to begin LoadModule directive:

httpd-modsecurity.conf

LoadFile /usr/local/lib/libxml2.so
#LoadModule security2_module /usr/lib/apache/mod_security2.so
<ifmodule mod_security2.c>
    # Default recommended configuration
    SecRuleEngine On
    SecRequestBodyAccess On
    .
    .
    .
</ifmodule>

SecRuleEngine

Another method if you wanna keep ModSecurity module loaded to apache is change SecRuleEngine to Off

SecRuleEngine Off

Final words

Read more about Malware Expert – ModSecurity rules and protect your web server vulnerabilities with Web Application Firewall.