Newly installed server and I'm just interested in doing some development for a web application. Modsecurity is used for implementing protocol level security, but it is not for everyone. Using it requires internet security knowledge. Four reasons not to use mod_security
Here's how to turn off modsecurity. Locate in
And for "DetectionOnly" switch this to:
And of course, restart apache once you are done:
# service httpd restart
It is recommended to run modsecurity in detection only until you are comfortable with writing rule sets.