Question
Are these mod_security rules safe to disable?
- Posted August 1, 2014
Hi, for the sake of my contact forms usability, I have disabled the following mod_security rules that were causing false positives:
SecRuleRemoveById 981242
SecRuleRemoveById 981172
SecRuleRemoveById 981173
SecRuleRemoveById 959070
SecRuleRemoveById 200003
SecRuleRemoveById 981318
SecRuleRemoveById 950901
SecRuleRemoveById 981256
SecRuleRemoveById 981257
SecRuleRemoveById 981231
SecRuleRemoveById 981245
Am I creating a security hole? Is there any safer alternative mod_security configuration?
thanks
Subscribe
Share
Submit an answer
You can type!ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
Sign in to AnswerThese answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
Try DigitalOcean for free
Click below to sign up and get $100 of credit to try our products over 60 days!
I actually followed that tutorial to setup mod_security on my server and I set up to the rules to be removed only in specific locations (those containing forms). The problem was not the module conflicting with my plugins but it being triggered when a user inputs a special character in any of my web forms (like % or $ or ’ or #).
So I removed and those rules in order to o disable the special character triggers.
It’s not a security hole. Here you need read it first:
Read: Excluding Hosts and Directories ModSecurity: Debian-Ubuntu
Read some example: Wordpress ModSecurity
Conclusion: Mod Security does not play nice with some apps in example WordPress or by some other application. You should also look for information related to the application you are using.