How to enable AllowEncodedSlashes?

The instructions for adding "AllowEncodedSlashes On" setting are:

Make the following directory. Replace username with the username of the user and domain.tld with the domain.

Code:
mkdir -p /etc/apache2/conf.d/userdata/ssl/2_4/CPANELUSERNAME/DOMAIN.TLD/
mkdir -p /etc/apache2/conf.d/userdata/std/2_4/CPANELUSERNAME/DOMAIN.TLD/
Create slashes.conf file
Code:
vi /etc/apache2/conf.d/userdata/std/2_4/CPANELUSERNAME/DOMAIN.TLD/slashes.conf

add

Code:
AllowEncodedSlashes On

to the file.

Copy the code slashes.conf to SSL folder:

cp/etc/apache2/conf.d/userdata/std/2_4/CPANELUSERNAME/DOMAIN.TLD/slashes.conf  /etc/apache2/conf.d/userdata/ssl/2_4/CPANELUSERNAME/DOMAIN.TLD/


Once this is done, you rebuild the httpd.conf file, so this is included in the webservers configuration:
 

/usr/local/cpanel/scripts/rebuildhttpdconf

 
Lastly, restart Apache so the configuration is loaded:
 

/usr/local/cpanel/scripts/restartsrv_httpd

 Debugging ModSecurity

If this is not working, try disabling modsecurity. Rule ID's 930120 and 949110 are hit when implementing the changes. 

How to whitelist mod_security rule / rule set globally

  • 0 Users Found This Useful
Was this answer helpful?

Related Articles

How addon domain parked outside public_html dir

There's an option to disable this here:WebHost Manager »Server Configuration »Tweak Settings,...

Fix cPanel Error “IP Address Has Changed!”

This document will cover how to disable the security for Cookie + IP Authentication.  Step 1:...

How to Install Imagick on cPanel Server

Install ImageMagick on the server. SSH into your server Install it by typing: yum install...

How to disable LFD excessive resource usage alert?

Login Failure Daemon(LFD) is a daemon process which runs on VPS or Dedicated servers that uses...

How to Exclude Files from Backups?

Overview To exclude files or directories from your user backups, perform either of the following...