Page 1 of 1

Welcome to the Tweaking4All community forums!
When participating, please keep the Forum Rules in mind!

Topics for particular software or systems: Start your topic link with the name of the application or system.
For example “MacOS X – Your question“, or “MS Word – Your Tip or Trick“.

Please note that switching to another language when reading a post will not bring you to the same post, in Dutch, as there is no translation for that post!

Interworx - How to ...
Clear all

[Solved] Interworx - How to disable certain modsecurity2 rules

1 Posts
1 Users
0 Reactions
Famed Member Admin
Joined: 11 years ago
Posts: 2714
Topic starter  

When you're running Wordpress, and/or a forum with it, you may run into modsecurity being a little too eager in catching potential issues.
I've ran into this in the past (see this article on modsecurity fixes). Trying to help a friend, running his website on a server that uses InterWorx (instead of cPanel/WHM), gave me a few challenges that I had not expected.

Anyhoo - since I couldn't find a quick fix, I figured I'd post it here, just in case I need it in the future or some else is looking for this.

First you will need to know what modsecurity rules are causing problems. You can find these in you Apache log.
For this example I'll just assume that rules 300015 and 300016 are a problem.

Before applying the exception, make sure to reproduce the issue as simple as possible, so we can test if the exception worked when applied.

Next we need to know the URL that is causing this problem.
Let's say the URL is where folks can post in the "garden" forum's sub topic "flowers".
Key here is: /forum/garden/flowers
However, if you'd like to apply this for the entire forum, you could use: /forum

Next we need to edit (or create) a whitelist.conf file:


I used nano for that, so:

cd /etc/httpd/modsecurity.d
nano whitelist.conf

Now we need to add our exception like so:

<IfModule mod_security2.c>
  <LocationMatch "/forum">
    SecRuleRemoveById 300015 300016


Now save the file (CTRL+X), and use httpd to test the syntax for typos:

httpd -t

and restart Apache to put in play

systemctl restart httpd

Good time to test if this worked.