ModSecurity is an open source embeddable web application firewall, or intrusion detection and prevention engine for web applications. ModSecurity provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring and real-time analysis with no changes to existing infrastructure, by operating as an Apache Web server module mod_security or standalone, and thus increase web application security. However, misconfigured or overly strict rule sets, ModSecurity may cause your website to return various errors such as HTTP 403 Forbidden error or access denied error, login problems, or HTTP 412 Precondition Failed error, or HTTP 406 Not Acceptable error and other false positive symptoms.

To make matter worse, the configuration of ModSecurity rules and filters have to be done manually. Although there are free predefined certified rule set which can be used with ModSecurity out of the box, however the rule sets may be not suitable for each and every environment and may interfere with the operation of websites or blogs, and customizing and modifying the rules may be too sophisticated or complicated for some users. And for some websites that hosted on shared hosting service, the mod_security may be enable by default without options. So in this case, the best solution or workaround for mod security related issues is to disable mod_security filtering and rules.

If you’re using Apache web server (which mostly do), mod_security can be disabled by adding a specific in .htaccess file. Locate the .htaccess file in Apache web root directory (public_html or /var/www/ or others), if it does not exist, create a new file named .htaccess, and add in the following code:

<IfModule mod_security.c>
   SecFilterEngine Off
   SecFilterScanPOST Off
</IfModule>

The above entries in the .htaccess will disable the ModSecurity (mod_security) module for the domain.

Uninstallation of ModSecurity (mod_security) from Apache module

The easiest way to remove and uninstall mod_security is to comment out or delete the related mod_security entries from httpd.conf Apache configuration file. The lines that should be removed include:

AddModule mod_security.c
LoadModule security_module modules/mod_security.so
Include "/usr/local/apache/conf/modsec.conf" (This line may be different depending on what variant of Linux or Unix you used and the installation location)

Save the httpd.conf and restart the Apache. ModSecurity will not be loaded and as if uninstalled.

If you’re using cPanel WebHost Manager (WHM), uninstallation is even simpler. Just scroll to cPanel section, and click on Addon Modules. Then scroll to module named ModSecurity. It should be checked Install and Keep Updated currently. Just click on Uninstall to remove the mod security feature from Apache web server.

You May Also Interested In: