It’s easy to disable mod security, however the fix varies depending upon the version of mod_security and the way that it has been installed. For mod_security 1.X try the following in a .htaccess within the user’s home folder:
SecFilterEngine Off
If that causes a site error or it doesn’t work you’re most likely using mod security 2.X. To disable mod security on version 2.X:
First you have to find the path to your whitelist file. To find this cd into your apache configuration folder. On cpanel you would run:
cd /usr/local/apache/conf
Then run:
grep whitelist *|grep modsec
This should show you the exact location of your whitelist file. If the file doesn’t exist create it using touch or vi. Once the file has been created add the following:
SecRule SERVER_NAME “yourdomain.com” phase:1,nolog,allow,ctl:ruleEngine=off
Be sure to replace yourdomain.com with the domain that you want to disable mod security on. Then save the file and restart apache.