Recent Searches

No recent searches

    Popular Articles

      Articles
      View all
        Topics
        View all
          Tickets
          View all
            no results

            Sorry! nothing found for

            How To Disable Mod Security

            Created by Haider Ali, Modified on Sun, 26 Oct at 5:38 AM by Haider Ali

            Have you ever attempted to create a post in WordPress, Xenforo, or any other content management system, only to encounter a 500 internal server error?


            Yesterday, I was having a conversation on Google Meet with a friend of mine (who is also a Webfoundr customer) facing this problem repeatedly.


            To begin with, I can relate as I’ve been dealing with this issue for almost a decade, and it has often left me frustrated while trying to figure it out.


            You need to disable Mod Security


            After spending HOURS troubleshooting this many years ago, I discovered it was Mod Security blocking it.


            More specifically, some word processing programs such as Microsoft Word insert ambiguous characters into your text which when pasted into WordPress (or similar) can create the error as Mod Security considers it a threat.


            This is also the same problem many face when trying to get the Manage WP Worker plugin to connect.


            How to disable Mod Security


            You can do this by logging into cPanel, searching for, and then clicking on ModSecurity:





            You can then disable it for the domain in question or for your entire cPanel account:





            If you administer your server you can login to Web Host Manager -> ModSecurity Tools and you can disable the one rule causing the issue (if you don’t want to disable Mod Security all together).


            This works as well, but sometimes you’ll find there are multiple rules creating the issue. In a lot of cases it’s just as easy to disable it all together.


            If you must do that, it's best to contact support, have us look though some logs for your IP address and see exactly which rule is causing the issue. The short fix is just turning off mod_security. But mod_security is great for protecting your website. So contact us and we can examine logs to determine which rule needs to be whitelisted. That way you can still enjoy 'behind the scenes' protection.


            How to keep your website secure


            Mod Security acts as a web application firewall blocking your site from many hacking attempts. If you decide to disable it you need to make sure you regularly change your passwords (using strong ones) as well as keep your software updated.


            This means regularly updating WordPress (when updates are available) as well as all your plugins, themes, etc. Running older versions of software is the number one reason websites get hacked. Also using insecure passwords without strong characters!


            If you have any questions or issues with this, feel free to reach out and our team can ensure your website is secured!

            Was this article helpful?

            That’s Great!

            Thank you for your feedback

            Sorry! We couldn't be helpful

            Thank you for your feedback

            Let us know how can we improve this article!

            Select at least one of the reasons
            CAPTCHA verification is required.

            Feedback sent

            We appreciate your effort and will try to fix the article

            Preview
            0 of 0