ModSecurity

Disable ModSecurity for a specific URL

On a web site protected with ModSecurity, when an admin edits HTML pages in the admin area, ModSecurity falsely detects the submission as an XSS attack.

One option is to disable the specific rules that create this false positive. In this case, though, the false positive occurs because HTML is submitted, and this application normally does not need HTML submitted on any other part of the site. So it is better to just disable ModSecurity for the specific URLs that cause this error.

To do this, add the following code to the Apache VirtualHost entry for this web site.

This will disable ModSecurity for the URLs /admin_area/manage_pages.php and /admin_area/edit_announcement.php.
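
One way to write such a VirtualHost entry for ModSecurity 2.x on Apache, as an added example rather than this page's original snippet. The ServerName and DocumentRoot are placeholders, and the commented alternative assumes the OWASP Core Rule Set is loaded.

```apache
# Added example. ServerName and DocumentRoot are placeholders;
# the two URLs are the ones named in the text above.
<VirtualHost *:80>
    ServerName www.example.com
    DocumentRoot /var/www/example

    <IfModule security2_module>
        # Turn the rule engine off only for the two admin pages that
        # legitimately submit HTML. Every other URL stays protected.
        # The anchored regex keeps the exemption from matching other paths.
        <LocationMatch "^/admin_area/(manage_pages|edit_announcement)\.php$">
            SecRuleEngine Off
        </LocationMatch>

        # Narrower alternative (use instead of the block above): keep the
        # engine on and drop only the XSS rules for these URLs.
        # Assumption: the OWASP Core Rule Set is in use, which tags its
        # XSS rules with "attack-xss".
        # <LocationMatch "^/admin_area/(manage_pages|edit_announcement)\.php$">
        #     SecRuleRemoveByTag "attack-xss"
        # </LocationMatch>
    </IfModule>
</VirtualHost>
```

Run `apachectl configtest` before reloading Apache. Because requests to these two URLs are no longer inspected, they should only be reachable by authenticated admins.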

Install ModSecurity on Debian

To install ModSecurity on a Debian/Ubuntu Apache web server, run

Restart Apache web server

Verify that mod_security is installed with

To activate ModSecurity rules, run

Edit

set

Get latest rules

Enable the config file

Edit file

Add

Restart Apache

ModSecurity

Install ModSecurity on Debian
Disable ModSecurity for a specific URL

ModSecurity is a Web Application Firewall. It protects sites from SQL injection and application-level hacking.

To install ModSecurity on Ubuntu/Debian with Apache, run

Verify the Apache module is installed with

Enable config file

Update config

Restart Apache