How to disable mod_security in .htaccess file

May 12th, 2008 | Category: Security, Weblog, WordPress | 12 Comments

It is quite common that mod_security is interfering the functions of your web applications. mod_security is installed and enabled by your web server admin but you can still disable it for your individual website using .htaccess file by following this tutorial.

mod_security is an Apache module (for Apache 1 and 2) that provides intrusion detection and prevention for web applications.” — HowtoForge

Disable mod_security in .htaccess file

  1. If you do not have one yet, an .htaccess file in the folder of your web application
  2. To disable mod_security COMPLETELY, add the following line to the .htaccess file:
    SecFilterEngine Off
    OR, to disable HTTP POST scanning only, use the following instead:
    SecFilterScanPOST Off
  3. Save the file and test your web application to check whether disabling mod_security has solved your problem.

I recommend you to try SecFilterScanPOST Off first, instead of disabling mod_security completely.

(Continued…)

LiewCF.com is a tech site on latest technology news, free stuff, online revenue, gadgets, reviews, tips and tricks, and other interesting stuff.

Subscribe now to get updates automatically. It's free!