Monday, July 9, 2007

How to disable mod_security on Linux server

Problems with mod_security - getting 403 Forbidden / Not Acceptable?

Recently, there have been many reports on this forum regarding problems with mod_security, one of the modules loaded into Apache. If you are having problems with 403 Forbidden or other problems that happen once in a while for quite mysterious reasons, read on and see if mod_security is your problem.

The apparent error that is generated is normally a page saying:

* 403 Forbidden: You don't have permission to access on this server.
* Not Acceptable: An appropriate representation of the requested resource could not be found on this server.

In the server error log, an error similar to the one below may show up:

[Sat Oct 8 16:33:45 2005] [error] [client 143.126.829.678] mod_security: Access denied with code 403.


Here is a list of known symptoms:

* Admin CP - Templates Manager - Cannot expand the usercp template group
* Front end - Posting/Editing posts - Message with content similar to harmful commands (example: uname -a)
* The above errors occur when specific data is being requested from the server (example: all the other template-groups work except for usercp templates, and other messages are able to be posted)


Confirm that mod_security is installed on your server:

To confirm that the mod_security module is installed on your server, open your PHP Info page (there is one in your forum's Admin CP). Scroll down and find the heading "Loaded Modules" and see if "mod_security" is in the list.
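To check from the Apache error log that mod_security really is what is rejecting the requests, and which pages are affected, the denial lines can be counted per client and URI. This is an added example, not part of the original post. The function names `sample_log` and `modsec_denials` are hypothetical, the log lines are constructed, and the `Pattern match ... [uri "..."]` tail is an assumed mod_security 1.x layout.

```shell
#!/bin/sh
# Constructed sample lines in the error-log layout shown earlier on this page.
# The 'Pattern match ... [uri "..."]' tail is an assumed mod_security 1.x format.
sample_log() {
cat <<'EOF'
[Sat Oct 8 16:33:45 2005] [error] [client 192.0.2.10] mod_security: Access denied with code 403. Pattern match "uname" at POST_PAYLOAD [hostname "forum.example.com"] [uri "/forum/newreply.php"]
[Sat Oct 8 16:34:02 2005] [error] [client 192.0.2.10] mod_security: Access denied with code 403. Pattern match "uname" at POST_PAYLOAD [hostname "forum.example.com"] [uri "/forum/newreply.php"]
[Sat Oct 8 16:40:11 2005] [error] [client 192.0.2.44] mod_security: Access denied with code 403. Pattern match "usercp" at POST_PAYLOAD [hostname "forum.example.com"] [uri "/forum/admin/index.php"]
[Sat Oct 8 16:41:30 2005] [error] [client 192.0.2.44] File does not exist: /var/www/forum/favicon.ico
[Sat Oct 8 16:45:09 2005] [error] [client 192.0.2.7] mod_security: Access denied with code 403.
EOF
}

# Print "count status client uri" for every mod_security denial, most
# frequent first. Reads the file given as $1, or stdin when no file is given.
modsec_denials() {
    cat -- "${1:--}" |
    grep 'mod_security: Access denied with code' |
    awk '{
        client = "-"; uri = "-"; code = "-"
        if (match($0, /\[client [0-9a-fA-F.:]+\]/))
            client = substr($0, RSTART + 8, RLENGTH - 9)
        if (match($0, /denied with code [0-9]+/))
            code = substr($0, RSTART + 17, RLENGTH - 17)
        # Lines without a [uri "..."] field keep "-" as the URI.
        if (match($0, /\[uri "[^"]*"\]/))
            uri = substr($0, RSTART + 6, RLENGTH - 8)
        print code, client, uri
    }' | sort | uniq -c | sort -rn | sed 's/^ *//'
}

# Demo on the constructed sample; on a server, pass the real error log path.
sample_log | modsec_denials
```

If the blocked pages do not appear in this output, mod_security is not the cause of the 403 and disabling it will not help.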

The solution is as follows:

Place this code in a .htaccess file in your MyBB folder on the server.
Code:

SecFilterEngine Off

Note, this will disable the security function of the mod_security module for the files inside the MyBB folder. This solution is a tradeoff: security vs usability. Use this solution at your own risk.

mod_security is an Apache module designed to work like a firewall; its purpose 'is to increase web application security, protecting web applications from known and unknown attacks'.

For more information, refer to the URL below:

http://www.modsecurity.org/

You can always just upload the .htaccess file when you need to edit the User CP templates (if that is the only problem you are having), and then delete it when you no longer need to use it.


ModSecurity is an open source intrusion detection and prevention engine for web applications, but sometimes it is configured incorrectly. When that happens, it is better to disable it for the time being. Enjoy!