If you decided to use Modsecurity on your server with DirectAdmin, there is sometimes a need to disable the module for a particular domain (virtual host). And here I'm going to describe how to achieve the desired.
We presume, you've got mod_security already installed and configured in you box, otherwise install it. A guide you will find with Google, for now I'm not going to describe this part.
Do not overwrite VirtualHost templates in your custom directory, if you already have them there:
cp virtual_host2*.conf custom
Details on how to use custom VirtualHost templates can be found here: http://help.directadmin.com/item.php?id=2
You should update all of the 4 files:
Put this line:
at the top of all the 4 files.
Put this code
SuexecUserGroup |USER| |GROUP|
Save files and execute this command:
echo "action=rewrite&value=httpd" >> /usr/local/directadmin/data/task.queue
wait a minute or so.
Main ModSecurity configuration should come before line:
# Virtual hosts
It would be the best choice to put directives into a head of the file /etc/httpd/conf/httpd.conf
#LoadModule dummy_module /usr/lib/apache/mod_dummy.so
Now create /etc/httpd/conf/extra/httpd-custom-modsecurity.conf and put there all directives for ModSecurity. In my particular I've got there
LoadModule security2_module /usr/lib/apache/mod_security2.so
The order is very important here. You won't be able to disable ModSecurity for a VirtualHost if the order would be reverse. It means you should firstly enable ModSecurity globally, and then disable it for every particular domain.
If you disable the module for a domain, ModSecurity will disabled and for all of its subdomains. To avoid it, you'll need to add a subdomain as a regular self-standing domain.
Do you want a Plugin for DirectAdmin to manage ModSecurity in a simpler way? Do you want our assistance to install and configure ModSecurity on your server?
We're ready to help you!