Disable Mod_Security Rule in Apache Manually

  • You need to debug why your URL got blocked, and to get the firewall rule id.
  • use the following command line :
sudo tail -f /var/log/apache2/modsec_audit.log
  • This will monitor the blocked requests.
  • Hit the URL again to check the logs and see why it got blocked , and you will get something like the following
  • Use this Id and the URI you need to exclude and add it to the following file /etc/apache2/mods-enabled/security2.conf
nano /etc/apache2/mods-enabled/security2.conf
<LocationMatch "/assessments/update">
    <IfModule security2_module>
        SecRuleRemoveById 911100
    </IfModule>
</LocationMatch>

between <IfModule> </IfModule>

  • Restart Apache
systemctl restart apache2

Get in touch

Get in touch and let us share how we can start securing your online life and business.