Support Centre
Knowledgebase Home
Web Hosting
Control Panel
Contact Support

Disabling The Web Application Firewall

To protect websites hosted with Web Wiz from attacks, we use ModSecurity Web Application Firewall (WAF) configured with our own custom rules. The WAF helps to protect your website by filtering and blocking malicious HTTP/S traffic reaching your website.

If you receive a '403 - Forbidden: Access is denied error message' from your website, this could likely be the Web Application Firewall blocking the request. In the first instance, you should Contact Support and ask to raise a false positive for the Web Application Firewall, and we will investigate the issue.

While the rules are generic they may not suit every website. Therefore you may need to disable the Web Application Firewall for your website. This page shows how to disable the Web Application Firewall through your websites web.config file.

1. Find your websites web.config file located in the root of your websites public_html folder. The web.config file is a special file that contains the web server settings for your website.

2. Download the web.config file to your computer using FTP and open the file in Notepad.

3. Locate the <system.webServer> section of your web.config file and add the following section.


	<modules> <remove name="ModSecurity IIS (32bits)" /> <remove name="ModSecurity IIS (64bits)" /> </modules>

4. Save your web.config file.

5. Uploaded your edited web.config file to your websites public_html folder.

Back To Hosting Knowledgebase Menu

About Web Wiz | Contact Web Wiz | Terms & Conditions | Cookies | Privacy Policy

Web Wiz is the trading name of Web Wiz Ltd. Company registration No. 05977755. Registered in England and Wales.
Registered office: Web Wiz Ltd, Unit 18, The Glenmore Centre, Fancy Road, Poole, Dorset, BH12 4FB, UK.

Prices exclude VAT unless otherwise stated. VAT No. GB988999105 - $, € prices shown as a guideline only.