Skip to main content
How to Disable ModSecurity

Disabling mod_security through .htaccess

Updated over a week ago

ModSecurity is an open-source web application firewall (WAF) software designed to enhance the security of web applications and protect them from various cyber threats, including SQL injection and cross-site scripting, among other types of attacks.

At Hostinger, ModSecurity is enabled by default and, while the recommendation is to keep it enabled, there may be cases where you may require to disable ModSecurity; for example, to fix compatibility issues with some of your scripts, plugins or widgets.

To disable ModSecurity, open the .htaccess file of your website using the File Manager, or create one if it doesn't exist.

Next, add the following lines:

SecFilterEngine Off
SecFilterScanPOST Off

After saving the changes, ModSecurity will be disabled for your website.

Did this answer your question?