Alright, I’m lazy so I always make a script/utility for anything and everything. Another fine piece of lazygineering.

This little script disables mod_security on specific domains that you pick, mod_security2 does not allow disabling it from .htaccess and it’s pretty annoying to do the same work all over and over again, why not make it one line only.

Introducing, disable_modsec — Enjoy lazy cPanel server admins.

#!/usr/bin/perl

use strict;
use lib qw(/usr/local/cpanel);
use Cpanel::AcctUtils::DomainOwner;

if ($ARGV[0])
{
# Get username
my $username = Cpanel::AcctUtils::DomainOwner::getdomainowner($ARGV[0]);
my $domain = $ARGV[0];

# Create directory for config
system ('mkdir -p /usr/local/apache/conf/userdata/std/2/'.$username.'/'.$domain);

# Create config file
open (CONFIG, ">>/usr/local/apache/conf/userdata/std/2/".$username.'/'.$domain.'/modsec.conf');
print CONFIG "\nSecRuleEngine Off\n";
close CONFIG;

# Enable vHost includes
system ('/scripts/ensure_vhost_includes --user='.$username);
} else {
print("Usage: disable_modsec [domain]\n");
}